Kerberos Roles in Windows 2000

Every Windows 2000 domain controller (DC) hosts an instance of the Kerberos service, called the Kerberos Key Distribution Center (KDC). This means that a client can authenticate to any DC in its own domain. Although Kerberos on Windows 2000 is implemented as a single service, conceptually a Kerberos authentication architecture contains several roles. We will discuss the process of using these services in more detail later in the chapter.

Key Distribution Center

The Key Distribution Center is the actual service that runs on every Windows 2000 domain controller. It is started by the local security authority (LSA) and runs in the process space of the LSA. The KDC uses the Active Directory database as its account database. ...
