Export (0) Print
Expand All

Windows Server 2008 Glossary - R

Updated: June 10, 2009

Applies To: Windows Server 2008

For more Windows Server terms, see either the Windows Server 2008 R2 Glossary or the Windows Server 2003 Glossary.

#  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z

A security authentication protocol based on a client/server model. RADIUS is widely used by Internet service providers (ISPs) for authenticating and authorizing dial-up, virtual private network (VPN), wireless, and authenticating switch clients.

The client software that enables users to connect to a remote computer or terminal server that has the Remote Desktop feature enabled.

A domain controller that has read-only copies of directory partitions.

After a system failure, the restoration of lost data or the reconciliation of conflicting or erroneous data.

A command-line interface that provides a limited set of administrative commands that are useful for repairing a computer.

A key that is used for recovering data that is encrypted on a BitLocker volume. This key is cryptographically equivalent to a startup key. If available, the recovery key decrypts the volume master key, which in turn decrypts the full volume encryption key. The recovery key is stored on a USB flash drive. To use the recovery key, a user inserts the USB flash drive and then restarts the computer.

The log where the quorum resource stores data. This data is maintained by the clustering software.

A mode in which BitLocker Drive Encryption prevents access to the encrypted drive, either because the system components have changed or because it needs an authentication key. In this circumstance, the user investigates why BitLocker triggered recovery mode and can either repair the system or enter the recovery password to exit recovery mode.

For BitLocker Drive Encryption, a numerical password that consists of 48 digits divided into 8 groups. Each group of 6 digits is reduced to modulo 11 (a numerical calculation) before being compressed into corresponding 16 bits of passphrase data. A copy of the passphrase data is stored on disk encrypted by the volume master key and thus an administrator can retrieve the recovery password after Windows has loaded. The recovery password must be entered by using the function keys on the keyboard.

A BitLocker Drive Encryption file that uses the naming convention: <GUID>.bek (including the BitLocker .fve file name extension), which contains the recovery key that is required to unseal the volume during recovery.

The portion of a security identifier (SID) that identifies a user or group in relation to the authority that issued the SID. The authority is usually either the local computer or a domain.

The portion of a security identifier (SID) that identifies a user or group in relation to the authority that issued the SID. The authority is usually either the local computer or a domain.

A security authentication protocol based on a client/server model. RADIUS is widely used by Internet service providers (ISPs) for authenticating and authorizing dial-up, virtual private network (VPN), wireless, and authenticating switch clients.

A Windows feature that allows users to connect remotely to a computer and access programs, files, and network resources as though they were sitting at the computer.

A feature of Windows that when deployed on a Web server, allows a user to connect to Remote Desktop Session Host servers and other computers through a Web browser, even if the full Remote Desktop Connection client is not installed on the user's computer.

A snap-in that allows users to manage Remote Desktop connections to terminal servers and computers that are running Windows Server.

A feature in Windows Server that enables remote management of Windows Server operating systems by allowing users to open and run management tools on a remote computer.

Synchronization of data between a source computer and one or more destination computers.

An attribute of an application that indicates which type of access token to use when the application is started. The requested execution level can be defined in an application manifest or an AppCompat database entry, or it may be derived automatically by the Windows operating system based on heuristics, if no application manifest is present.

For failover clusters or server clusters, a physical or logical entity that is capable of being managed by a cluster, brought online and taken offline, and moved between nodes. A resource can be owned only by a single node at any point in time.

A single security principal—usually a user account—that is created in Active Directory Domain Services (AD DS) and used to map to a single federated user.

A dynamic-link library (DLL) that contains instructions for managing one or more types of cluster resources in a failover cluster or server cluster.

The federation server in the resource partner organization. The resource federation server typically issues security tokens to users based on a security token that is issued by an account federation server. The server receives the security token, verifies the signature, transforms the organizational claims based on its trust policy, generates a new security token based on information in the incoming security token, and signs the new token to return to the user and ultimately to the Web application.

The federation server proxy that is located in the perimeter network of the resource partner organization. The resource federation server proxy performs account partner discovery for Internet clients, and it redirects incoming security tokens to the resource federation server.

In AD FS, a single security group, which is created in Active Directory, that incoming group claims (AD FS group claims from the account partner) are mapped to.

A cluster software component that provides a communication, monitoring, and processing layer between the Cluster service and one or more clustered resources.

A component of Windows Reliability and Performance Monitor that displays real-time CPU, memory, disk, and network performance information collected from the Windows Kernel Trace provider and performance counters.

A federation partner that trusts the Federation Service to issue claims-based security tokens for Web-based applications (that is, applications in the resource partner organization) that users in the account partner can access.

Class of resources, such as print spooler, physical disk, or file share.

An access token with restricted access to securable objects or performing privileged tasks.

A logical portion of the network where client computers that either do not meet health policy or are not capable of asserting that they meet health policy are placed. Computers in the restricted network cannot initiate communication to resources in the secure network.

An access token with restricted access to securable objects or performing privileged tasks.

A cluster software component that provides a communication, monitoring, and processing layer between the Cluster service and one or more clustered resources.

The portion of a security identifier (SID) that identifies a user or group in relation to the authority that issued the SID. The authority is usually either the local computer or a domain.

A domain controller that has read-only copies of directory partitions.

A dynamically configured set of attributes that are not replicated to a read-only domain controller (RODC). This prevents those attribute values from being revealed if an RODC is compromised.

A unit of logically grouped features and elements needed to perform a specific function.

A software program or logical collection of software programs that provide the functionality of a role.

A feature in Windows Server that enables remote management of Windows Server operating systems by allowing users to open and run management tools on a remote computer.

An attribute of an application that indicates which type of access token to use when the application is started. The requested execution level can be defined in an application manifest or an AppCompat database entry, or it may be derived automatically by the Windows operating system based on heuristics, if no application manifest is present.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft