We begin by summarizing the cornerstone of Windows NT security -- user authentication. You must understand its basics before you can make some central decisions about domain structure, the most fundamental determinant of who does what on your network and where they can do it. A networked operating system like Windows NT imposes security by granting specific services and fulfilling specific requests to some people and not others. Basic to this decision is "who is the person." Like most operating systems, Windows NT casts the user identity in a user account, a collection of information about what the user or users of that account can and cannot do on the system.