What are
Authentication and Authorization?
Authentication==> verifying
the identity of someone.
Authorization==> Determining
whether someone has permission to access a resource.
We Can use CA for
authorization.
User account type and
rights
Standard--> this
type of user can perform daily bases task. but he can not change system setting
and delete system files and install or uninstall programs.
Administrator-->
This account have all permission because its a super user of a system.
Windows authentication
type
1. Kerberos Version 5 Protocol-->
This is the main authentication method in windows client server model. its
provide authentication for user and computer.
2. Windows NT LAN Manager (NTLM). This
method is used for backward compatibility with pre windows 200 operating system
and some application. but it is less secure and flexible than Kerberos 5.
3. Certificate Mapping- typically used
with smart card.
Kerberos Authentication
Active Directory®
Domain Services (AD DS) implements Kerberos authentication
Benefits of Kerberos
Authentication for Windows 8 Clients
1. Faster connections---> User
without connecting domain server can login their computer.Clients can obtain
credentials for a particular server once, and then reuse them throughout a
network logon session.
2. Mutual authentication---> NTLM is
used when server authentication is needed but client vitrification on happens
once.
No comments:
Post a Comment