Summary
Every logon session requires authentication, whether it is an interactive logon session for a user, a network session between a user and a service, or the service itself. The Kerberos protocol is the default authentication protocol for Windows 2000. It uses information in the Active Directory database to identify each security principal as it requests credentials from the Kerberos KDC. Along with information that uniquely identifies each user, the KDC returns authorization data that enables Windows 2000 to determine the level of privilege for a user. This authorization process is what Chapter 19, "Authorization," discusses.
Get Special Edition Using Microsoft Active Directory now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
