Microsoft® Windows® 2000 Security Handbook

Administration of Kerberos

So far, I have discussed the process of logging in to a Windows 2000 environment, the issuance of the Kerberos Ticket-Granting Ticket, receiving session tickets for access to network resources, and how Kerberos works in depth. I will now turn your focus to administrating the Kerberos authentication protocol in a Windows 2000 environment.

Configurable Policies

Kerberos has policies that can be configured in a Windows 2000 environment. These policies can be tuned for your particular environment. Also, the policies are domainwide. All network users will be affected by the changes you make. The following defaults will be set in the Release to Manufacture (RTM) of Windows 2000:

Enforce user logon restrictions: Enabled.

Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® Windows® 2000 Security Handbook by Jeff Schmidt

Administration of Kerberos

Configurable Policies

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly