There are four
Windows NT Domain Models:
Single Domain Model
The Single Domain Model has only one domain. It is mostly used for very small enterprises and home networks. If there are many servers within the domain, the system can suffer from data transfer slowdowns and browsing delays. All accounts and resources are centralized, and the theoretical maximum is 40,000 users (but the speed would be unbearably slow).
Master Domain Model
The Master Domain Model are set up such that all accounts are kept in one domain and all resources are kept in another domain. The accounts are centralized while the resources are decentralized. The resource domain has a trust relationship with the master controlling domain.
Multiple Master Domain Model
The Multiple Master Domain Model allows any number of users. Resources are decentralized while the accounts are centralized among the master domains. This setup is used with large businesses and entities that require connectivity between different geographic locations and administrations. Creating trusts is a complex task with this domain model. To calculate the number of trusts required, use the following formula:
TRUSTS = # of Domains * (Master Domains - 1) +
(# of Resource Domains * Master Domains)
Complete Trust Domain Model
The Complete Trust Domain Model is set up where each domain has accounts and resources that can be shared by other domains. This setup is extremely resource-intensive in terms of servers and human administration. There is no limit to the number of users, and both the accounts and resources are decentralized. This is the least used domain model. To calculate the trust relationships required, use the following formula:
TRUSTS = (# of Domains * (# of Domains - 1)
As you can see, the number of trusts required is almost the amount of domains squared.
Domains can be set up according to department, political decisions, or anything that allows required resources to be matched with the users. Each domain can be set up to allow different accounts and policies.