WMS Negotiate Authentication

Updated: October 4, 2007

Applies To: Windows Server 2008, Windows Server 2008 R2

If you want users to be able to access content based on their network logon credentials, you can enable the WMS Negotiate Authentication plug-in. This plug-in uses an encrypted challenge/response scheme to authenticate users. It is a secure form of authentication because the user name and password are not sent across the network; the player acknowledges the password by using a cryptographic exchange with the Windows Media server. The WMS Negotiate Authentication plug-in relies upon established user logon credentials that are authenticated using either NTLM or Kerberos authentication.

By using this plug-in, you can authenticate users on a variety of operating systems. NTLM authentication was the default authentication in Windows NT Server 4.0. It is retained in Windows Server 2003 and Windows Server 2008 for compatibility with computers that are running Windows NT Server 4.0 and earlier. It can also be used to authenticate users that log on to stand-alone computers that are running Windows 2000 Server or later. Kerberos authentication is the default authentication method used in the Windows 2000 Server and Windows XP operating systems.

This form of authentication is appropriate for an intranet site that needs to support a variety of Windows clients as well as provide protection for confidential content.

Community Additions