Kerberos Authentication
Updated: March 24, 2009
Applies To: Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Kerberos is an authentication mechanism used to verify user or host identity. This page contains the information you need to evaluate, plan, and deploy Kerberos, the preferred authentication method for services in Windows Server 2003.
Product Evaluation
- What's New in Windows Server 2003 Kerberos Authentication
This page outlines the new features in Kerberos authentication and provides the basic information administrators need to begin using these features.
Planning and Architecture
- Kerberos Protocol Transition and Constrained Delegation
This document examines ways to authenticate the users of Web applications and discusses how the new extensions to the Kerberos authentication protocol can satisfy these requirements.
- Planning and Implementing Federated Forests in Windows Server 2003
This paper examines common scenarios where you can deploy Active Directory forest trusts and describes the related technologies in Windows Server 2003.
Deployment
- Server Clusters: Security Best Practices, Windows 2000 and Windows Server 2003, General Assumptions
To ensure security in server cluster environments, organizations can implement these general assumptions and operational best practices for the infrastructure.
- Kerberos authentication for load balanced web sites
This document explains how to configure Kerberos in a way that enables applications to use its authentication capabilities in a cluster that also uses network load balancing.
- Planning and Implementing Federated Forests in Windows Server 2003
This paper examines common scenarios where you can deploy Active Directory forest trusts and describes the related technologies in Windows Server 2003.
- Planning and Implementing Multitier Applications Using Windows Server 2003 Security Services
This white paper introduces Windows Server 2003 security technologies and describes how they operate and interact with each other to allow you to build multitier applications that use these technologies to provide enhanced security.
Interoperability
- Solution Guide: Building Security and Directory Solutions for UNIX Using the Windows Server 2003 Active Directory Kerberos and LDAP Services
This guide covers evaluating, planning, building, and deploying a security and directory infrastructure based on Windows Server 2003 by using Active Directory, Kerberos, and LDAP services.
Operations
- Troubleshooting Kerberos Errors
This white paper helps you troubleshoot Kerberos authentication problems by outlining simple troubleshooting basics, explaining the causes of common Kerberos errors, and summarizing common troubleshooting tools.
- Troubleshooting Kerberos Delegation
This white paper explains how to troubleshoot delegation issues that can arise in Kerberos authentication scenarios, summarizes required infrastructure, and describes Windows authentication scenarios.
- SPN Query
This script queries the Active Directory Global Catalog for a security principal with a specified service principal name (SPN).
Technical Reference
- Kerberos Authentication Technical Reference
This reference explains Kerberos authentication and how the Kerberos version 5 protocol and extensions supported by Windows Server 2003 work.
- Utilizing the Windows Authorization Data in Kerberos Tickets for Access Control to Resources
This document describes the structure of the Windows authorization data that is used by servers in performing access control. The information applies to Microsoft Windows 2000 Server and Windows Server 2003.
IT Developer
- HTTP-Based Cross-Platform Authentication via the Negotiate Protocol
- Kerberos Protocol Transition and Constrained Delegation
- Sample Scenario Source Files
- .NET Remoting Security Solution, Part 1: Microsoft.Samples.Security.SSPI Assembly
- Planning and Implementing Multitier Applications Using Windows Server 2003 Security Services
- Contoso Sample ASP.NET Extranet Application
- MSDN Library: Win32 and COM Development: Security: Authentication: SSPI
- Server Clusters: Security Best Practices, Windows 2000 and Windows Server 2003, General Assumptions
- SSPI/Kerberos Interoperability with GSSAPI
Additional Resources
Columns
Tools
Product Support
Webcasts
Kerberos Resources for Windows 2000 Server
The information in the following articles also applies to Windows Server 2003–based Kerberos:
