14 KERBEROS
In Windows 2000, the Kerberos authentication protocol replaced Netlogon as the primary mechanism for authenticating users on a domain controller. This chapter builds upon the description of interactive domain authentication in Chapter 12 to explain how a user can authenticate to a Windows domain using Kerberos.
We’ll start by looking at how Kerberos works, including how to generate the encryption keys used in the protocol, and decrypt Kerberos authentication tokens. Once you understand the inner workings of the protocol, we’ll cover the delegation of authentication and the role of Kerberos in user-to-user authentication protocols. ...
Get Windows Security Internals now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
