When a user or machine logs onto a domain, he, she, or it interacts with a collection of functions that make up the Windows Logon service, better known in development circles as WinLogon. WinLogon is now fully integrated with Kerberos, which provides the initial Single Sign-On architecture now part of Windows 2003. After the logon, the user continues to be attached to the security protocol its client software best understands, which could be Kerberos, NTLM, or Secure Sockets Layer/Transport Layer Security. These protocols transparently move the user's identity around the network.
The authentication model of Windows 2003 is the same as Windows NT and almost every computer system in the world. However, it is not so much the model that causes problems in network security, but rather the other missing or weak links in the chain.
Was this article helpful?