Windows Active Directory Authorization Field
The initial announcement by Microsoft that Windows 2000 would use Kerberos as its authentication system has produced mixed feelings in the security community. On the one hand, observers lauded Microsoft for choosing a standardized Internet protocol for its security needs, opening the door for cross-platform authentication between Windows and other operating systems. On the other hand, concerned readers posted messages on discussion sites such as Slashdot implying that Microsoft was planning to “embrace and extend” the standard Kerberos protocol for its own gain.
It certainly didn’t help when Microsoft announced that Windows 2000 domain controllers would add a proprietary Privilege Access Certificate (PAC) to tickets returned by the KDC, and that a reimplementation of the Windows domain controller functionality would have to create valid PAC structures. Adding fuel to the fire, Microsoft has only released the full specifications to the PAC as a Windows executable file, requiring readers to accept a restrictive license that grants the right to review the specification only for security reasons, and specifically forbids the creation of software that implements the specification as described in the document. Readers who wish to download the full specification from Microsoft (and permanently give up their rights to develop Kerberos software relating to the information contained therein) can do so at http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=BF61D972-5086-49FB-A79C-53A5FD27A092 ...