How Does Kerberos Authentication Work?
A complete explanation of the Kerberos protocol is beyond the scope of this book, but briefly, here s a (very) simplified explanation as to how Kerberos authentication works. A user authenticates himself when he logs into the network. He provides his user name, and the user workstation then connects to a special ticket-granting service on a specific network host called an Authentication Server (AS), for login verification. The AS issues the user a credential (encrypted with that user s key, known by the server) called a ticket. The client machine holds on to this ticket, and uses it to demonstrate the user s identity when requesting network services.
Related Questions
- Windows Integrated Authentication is enabled on the Exchange virtual directory on the Exchange server, but Kerberos is disabled via the IIS metabase.?
- Isn it possible to extract a Kerberos principal into a keyfile for automatic authentication?
- Does configuring Kerberos authentication requires any special steps?
