Chapter 11. Using NT Login Authentication
IN THIS CHAPTER
Validating a Domain Login
Granting Account Permissions
Building a Login Validation Utility
In the previous chapter, you took a look at how Windows 2000 manages access to objects and services. This is only half of the security picture. The other half is user authentication. There are two methods of user authentication: the Windows NT LAN Manager (NTLM) protocol and the Kerberos protocol. In this chapter, you look at the NTLM authentication protocol, and then you'll look at the Kerberos protocol, as part of the Active Directory Security Interface (ADSI), in the next chapter.
Note
The topic discussed in this chapter is only applicable for NT 4 and Windows 2000, and really requires that these systems be configured to use NTFS-formatted drives. This functionality is not available on Windows 95 or Windows 98.
PREREQUISTIES
Before reading this chapter, you need to make sure you have a good understanding of the following:
NT security and security descriptors, Chapter 10, "Understanding Windows 2000 Security and Security Descriptors"