What is the difference between on-domain and off domain?

On Domain (Windows/Mac/Linux):

This means the computer is bound to the campus authentication servers.  Because it is connected to the campus authentication, it allows a few things to happen:
  • User Home Directory Access: Your personal home (H:) drive will be mounted and available.  Your home drive is a network location that stores your preferences and documents.  It is backed up nightly by Michigan Tech and retention of data exists for up to two years after you leave the University.
  • Access to the Multidrive/Departmental Shares:  In Windows and Mac OS you will have access to the Multidrive (Departmental Share), which is a network storage location that stores centrally shared departmental or research data.  Data stored in these locations is backed up nightly and retained for up to a year.
  • Machines joined to the domain are patched by a central server weekly.  This means security and stability patches can be pushed on a routine basis to these machines.
  • Network printers follow your user account and will remain the same on any machine you log in on. This allows printing to familiar locations from any computer you use.
  • No administrator privileges are allowed for on-domain machines. Administrative privileges allow for manipulating vital network and system information. If a domain-bound machine with administrative access is compromised, it could compromise every other domain bound machine within minutes.

Off Domain (Windows/Mac/Linux):

This means the machine is not bound to any servers. An off-domain machine will use local accounts and local authentication.

  • Data is stored locally on the machine’s hard drive. However, it is recommended that you manually mount your Multidrive/Departmental Shares, and store data there.

  • You are at risk for data loss with off-domain systems and locally stored data. It is not backed up by IT.

  • Machines are not updated by IT and will have to be manually updated by you to receive the latest security and stability patches.

  • If you are off campus, you will need F5 VPN Client to access any Michigan Tech Site licensed programs, your Multidrive (home drive), and departmental shares

  • Printers are added locally and require Papercut to be running to print.  

  • Since the machine is not bound to any Michigan Tech domain, you are allowed to have administrative privileges.

Direct link to Article