O'Reilly logo

Learning Microsoft Windows Server 2012 Dynamic Access Control by Jochen Nickel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Claims support in Windows 8/2012 and newer

The following section gives a short introduction to the most important changes in the Kerberos protocol.

Kerberos authentication enhancements

The Kerberos authentication enhancements include:

  • Kerberos Security Support Provider (SSP)

    The main enhancement is placed in Kerberos.dll that includes user claims and device authorization. This functionality helps you to use your device information for authorizing access to a file or folder.

  • Key Distribution Center (KDC)

    KDC support claims.

  • Claim information within the Privilege Attribute Certificate (PAC) includes:
    • PAC in Pre-Windows 2012: It contains user and group membership security identifiers
    • PAC in Kerberos Ticket Granting Ticket (TGT): It contains information for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required