|
|
KDC. See Key Distribution Center (KDC)
KDCs, DNS name resolution and, 478
Kerberos
Account Policies (table), 34
authentication, 332, 336
authentication across domain boundaries, 467-468
authentication method described, 458-459
authenticator, 460-462
authorization data, KDC and, 479-480
concepts, 460-462
configuring client for delegation, 475
configuring trusts, 480-488
delegation of authentication, 459, 468, 474
DNS name resolution, 478
KDC, 462-464
and L2TP/IPSec, 375
KDC service (fig.), 471
Microsoft, and PAC, 517
overview, 459
preauthentication, 477-478
proxy and forwarded tickets, 469
safe, 472
session ticket (ST), 464
simplified trusts, 459
ticket-granting ticket (TGT), 466
v4 and v5 differences, 462
v5 protocol, 457, 490
Windows 2000, and, 470-474
Kerberos V5 protocol, 361
kernel mode, 305
Key Distribution Center (KDC), 459
keys
and compromised key attacks, 327
long-term, 464
public and private, 201
public and private (table), 268
recovering lost KMS, 242-244
KsecDD, 293
|
|