Special Edition Using Microsoft Active Directory

Authorization Step by Step

Now that you have a handle on the components of Active Directory security, let's take a look at authenticating, getting your authorization data, and accessing an object. This process essentially involves acquiring a list of who you are (user and group SIDs) and then presenting that list to whomever you are interested in accessing.

Gathering the User's Credentials

In Chapter 18, "Authentication," you looked at the logon process from a Kerberos perspective. In that chapter, you saw how a Kerberos key distribution center (KDC) uses a secret key created from your password to prove your identity when you first request a ticket granting ticket (TGT).

Authorization Data in the TGT

When the KDC creates the TGT, it uses the ...

Get Special Edition Using Microsoft Active Directory now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Special Edition Using Microsoft Active Directory by Sean Fullerton, James Hudson

Authorization Step by Step

Gathering the User's Credentials

Authorization Data in the TGT

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly