Kerberos Authentication Technical Reference

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Kerberos Authentication Technical Reference

The Microsoft Windows Server 2003 operating system implements the Kerberos version 5 authentication protocol. Windows Server 2003 also implements extensions for public key authentication. The Kerberos authentication client is implemented as a security support provider (SSP) and can be accessed through the Security Support Provider Interface (SSPI). Initial user authentication is integrated with the Winlogon single sign-on architecture. The Kerberos Key Distribution Center (KDC) is integrated with other Windows Server 2003 security services running on the domain controller. The KDC uses the domain’s Active Directory directory service database as its security account database. Active Directory is required for default Kerberos implementations.

This subject will explain what Kerberos authentication is and how the Kerberos V5 protocol and extensions supported by Windows Server 2003 work.

In this subject