This chapter examines the security issues that you need to address when non-Microsoft, or heterogeneous, clients require access to resources in a Microsoft Windows 2000 network. The chapter begins by discussing the process of authenticating heterogeneous clients. Without authentication, the Windows 2000 security model can't determine which account to use for a user who's connecting from a heterogeneous client.
The chapter continues with an examination of the security issues that arise when multiple directory services are implemented in a network. Microsoft Metadirectory Services (MMS) allow multiple directories to work together to produce a single directory for an organization. An important security consideration is determining which directory service is authoritative for a specific attribute in the metadirectory.
The chapter concludes with a discussion of the security issues related to resource access when heterogeneous clients access resources secured by a Windows 2000 network and when Windows 2000–based clients access resources in a heterogeneous network environment. In this scenario you can consider a heterogeneous network environment to be an environment in which Windows 2000 isn't the primary network operating system.
To complete this chapter, you must read the chapter scenario. This scenario is used throughout the chapter to apply the design decisions discussed in each lesson.