Kerberos

Applies To: Windows Server 2008

Kerberos is a network authentication protocol that verifies both the identity of the user that is requesting authentication as well as the server providing the requested authentication, also known as mutual authentication. The Kerberos authentication mechanism issues tickets for accessing network services. These tickets contain encrypted data, including an encrypted password, that confirms the user's identity to the requested service.

Managed Entities

The following is a list of the managed entities that are included in this managed entity:

Name Description

Kerberos Client

Kerberos clients are applications acting on behalf of users who need access to a resource, such as opening a file, querying a database, or printing a document. Every Kerberos client requests authentication before the resource is accessed. Once the client is recognized as trusted, a secure session between the client and the service hosting the resource is established.

Kerberos Key Distribution Center

The Kerberos Key Distribution Center (KDC) is a network service that supplies session tickets and temporary session keys to users and computers within an Active Directory domain. The KDC runs on each domain controller as part of Active Directory Domain Services (AD DS).

Core Security