For this series of blog posts I will do a deep dive into the network flows a domain-joined machine uses and what happens inside those connections. Each VM is configured as seen below. Additionally, I used netsh to perform a network capture at boot, so the capture starts before the machine has found a domain controller. The domain controller passes the locator query to the NetLogon service running on that domain controller, which evaluates the query to determine which site the requesting machine belongs to. This negotiation allows the two machines to agree on an authentication mechanism before authentication itself begins. See you on the next post!
Like the three-headed dog it is named after, the Kerberos protocol has three main components: the client, the Key Distribution Center (KDC), and the service the client wants to reach.
Before looking at Kerberos in detail, it helps to understand how a typical key exchange works. Dave needs a symmetric key to start communicating with Server A, and this key should be used only by Dave and Server A. That looks straightforward, but from the server's point of view there are a few challenges. With a hundred clients connecting, Server A has to store and manage a separate key for every one of them, which costs it resources and means every new client needs a key set up in advance. The actual Kerberos protocol is more efficient than this: the server keeps one long-term key and the KDC hands out per-session keys on demand.
The KDC is responsible for two main functions: authenticating the user and issuing tickets for services. For example, when Dave logs in to the system, he needs to prove to the KDC that he is the person he claims to be. He does this with his long-term key, which is derived from his password; the KDC also maintains a copy of this key in its database. Once the KDC receives the request, it checks the user name and long-term key against its records.
The TGT contains two things. Once Dave receives the KDC's reply, he can use his long-term key to decrypt the session key. All further communication with the KDC is then based on this session key rather than on the long-term key. When Dave later wants to reach a service on Server A, he sends a request to the KDC; this request includes the TGT, a timestamp encrypted with the session key, and the service ID of the service running on Server A.
Once the KDC confirms the request is legitimate, it creates another ticket, called the service ticket. It contains two encrypted parts, each carrying the new session key: one for Dave and one for Server A. When the ticket is ready it is sent to Dave, who decrypts his part using the session key he shares with the KDC. Once Dave sends the ticket on to Server A, the server decrypts its part using its own long-term key and retrieves the session key. Using that session key, it can decrypt the timestamp to verify the authenticity of the request; the timestamp must fall within the allowed clock skew, which is what limits replay of a captured request. (The TGT, similarly, includes a copy of the session key the KDC uses to communicate with Dave.)
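The three exchanges described above (Dave's logon with the KDC, the request for a service ticket, and the final request to Server A), modelled end to end in Python. This is an added example, not code from the original post: the KDC, client and service are simulated in one process, the `seal`/`unseal` functions are a toy HMAC-based construction standing in for a real Kerberos encryption type, and the realm, principal names (`dave`, `host/servera`, `krbtgt`) and passwords are constructed sample values.

```python
import hashlib, hmac, json, secrets

SKEW = 300           # max age of a timestamp, in seconds (Kerberos' usual 5-minute clock skew)
LIFETIME = 8 * 3600  # ticket lifetime in seconds (constructed value)

def long_term_key(principal, password):
    # Toy string-to-key: the principal's long-term key is derived from its password.
    # Real Kerberos uses the RFC 3961/3962 string-to-key functions; only the idea is kept here.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    # Toy authenticated encryption (HMAC keystream, then an HMAC tag over nonce and ciphertext).
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    # A wrong key (e.g. a wrong password) or a tampered message fails the tag check.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def check_authenticator(auth, ticket, now):
    # The authenticator must name the ticket's client and be recent; the ticket must be unexpired.
    if auth["client"] != ticket["client"] or abs(now - auth["timestamp"]) > SKEW or now > ticket["expires"]:
        raise PermissionError("stale or mismatched authenticator")

class KDC:
    def __init__(self, principals):
        # KDC database: one long-term key per principal, including krbtgt, the key that wraps TGTs.
        self.db = {p: long_term_key(p, pw) for p, pw in principals.items()}

    def as_exchange(self, client, preauth, now):
        # AS exchange: verify the pre-authentication timestamp with the client's long-term key, then
        # return a TGT (sealed with krbtgt, so only the KDC can read it) and the TGT session key
        # sealed with the client's long-term key, so only the genuine user can recover it.
        ltk = self.db[client]
        if abs(now - unseal(ltk, preauth)["timestamp"]) > SKEW:
            raise PermissionError("stale pre-authentication timestamp")
        sk = secrets.token_hex(32)
        tgt = seal(self.db["krbtgt"], {"client": client, "session_key": sk, "expires": now + LIFETIME})
        return tgt, seal(ltk, {"session_key": sk})

    def tgs_exchange(self, tgt, authenticator, service, now):
        # TGS exchange: open the TGT, check the authenticator with the TGT session key, then issue a
        # service ticket in two parts: one sealed for the service, one sealed for the client.
        t = unseal(self.db["krbtgt"], tgt)
        tgt_sk = bytes.fromhex(t["session_key"])
        check_authenticator(unseal(tgt_sk, authenticator), t, now)
        svc_sk = secrets.token_hex(32)
        ticket = seal(self.db[service], {"client": t["client"], "session_key": svc_sk, "expires": now + LIFETIME})
        return ticket, seal(tgt_sk, {"service": service, "session_key": svc_sk})

class Service:
    def __init__(self, principal, password):
        self.ltk = long_term_key(principal, password)

    def accept(self, ticket, authenticator, now):
        # AP exchange: the service needs only its own long-term key and never contacts the KDC.
        t = unseal(self.ltk, ticket)
        check_authenticator(unseal(bytes.fromhex(t["session_key"]), authenticator), t, now)
        return t["client"]

def authenticate(dave_password, now=1_700_000_000, ap_time=None):
    """Run all three exchanges for user 'dave' against 'host/servera'; return the client name Server A accepted."""
    # Constructed sample realm; names and passwords are illustrative only.
    kdc = KDC({"krbtgt": "kdc-master-secret", "dave": "correct horse", "host/servera": "servera-secret"})
    server_a = Service("host/servera", "servera-secret")
    ltk = long_term_key("dave", dave_password)               # what Dave's machine derives from his password
    tgt, enc = kdc.as_exchange("dave", seal(ltk, {"timestamp": now}), now)
    tgt_sk = bytes.fromhex(unseal(ltk, enc)["session_key"])
    ticket, enc = kdc.tgs_exchange(tgt, seal(tgt_sk, {"client": "dave", "timestamp": now}), "host/servera", now)
    svc_sk = bytes.fromhex(unseal(tgt_sk, enc)["session_key"])
    ap_time = now if ap_time is None else ap_time             # lets a caller replay an old authenticator
    return server_a.accept(ticket, seal(svc_sk, {"client": "dave", "timestamp": ap_time}), now)

def outcome(dave_password, ap_time=None):
    # Accepted client name, or the name of the exception class that rejected the attempt.
    try:
        return authenticate(dave_password, ap_time=ap_time)
    except (ValueError, PermissionError) as e:
        return type(e).__name__

if __name__ == "__main__":
    print(outcome("correct horse"))                               # dave
    print(outcome("wrong password"))                              # ValueError: KDC cannot open the pre-auth
    print(outcome("correct horse", ap_time=1_700_000_000 - 600))  # PermissionError: replayed authenticator
```

Two things to notice when running it: Server A authenticates Dave without ever talking to the KDC, because everything it needs is inside the ticket sealed with its own long-term key; and the only defence against replaying a captured authenticator is the timestamp check against `SKEW`, which is why clock synchronisation matters in a Kerberos realm.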
Week 3 will explore authorization in a Windows environment. At the end of Week 3, you will be able to differentiate between the different authorization mechanisms and use different technologies to secure data within the environment.
Week 4 explores the built-in security features of Windows and demonstrates how to use each technology effectively and in which circumstances each one is the right choice. At the end of Week 4, you will be able to determine which technology is best suited to securing a given part of the Windows operating system. I'm very happy to have finished this course. It was amazing to manage the server through the Kerberos tools for strong security and authentication.
Thanks, Coursera community. Very informative and comprehensive! Would recommend to anyone interested in broadening or refreshing their knowledge of Windows Server security management. In this module we'll discuss how users are created, grouped and managed in an enterprise environment.
Windows Logon process.