Office SharePoint Server 2007 provides new authentication capabilities not found in past versions of SharePoint Portal Server. Previous SharePoint versions could authenticate only with Windows user accounts, either locally on the server or in an Active Directory domain. Although this is ideal for organizations that have already deployed Active Directory and wish to use SharePoint as an intranet solution, it limited SharePoint's ability to be used as an extranet or public web site solution because organizations generally don't want to add accounts to their Active Directory for outside users. Office SharePoint Server 2007 offers a new authentication infrastructure that works inside of ASP.NET. This allows for a wide range of new authentication options.
The out-of-the-box supported authentication capabilities of Office SharePoint Server are LDAP, Microsoft SQL Server, and Active Directory (single domain only). Additional capabilities are available through ASP.NET authentication providers. For further information on ASP.NET authentication providers, refer to the following link:
The Windows authentication provider supports two methods of authenticating users, NTLM and Kerberos.
The default method of Windows authentication in Office SharePoint Server 2007 is NT LAN Manager (NTLM). It offers the best compatibility, as it is compatible with pre-Windows 2000 versions ...