Updated: November 30, 2007
Applies To: Windows Server 2008
Kerberos is a network authentication protocol that verifies both the identity of the user that is requesting authentication as well as the server providing the requested authentication, also known as mutual authentication. The Kerberos authentication mechanism issues tickets for accessing network services. These tickets contain encrypted data, including an encrypted password, that confirms the user's identity to the requested service.
The following is a list of the managed entities that are included in this managed entity:
Kerberos clients are applications acting on behalf of users who need access to a resource, such as opening a file, querying a database, or printing a document. Every Kerberos client requests authentication before the resource is accessed. Once the client is recognized as trusted, a secure session between the client and the service hosting the resource is established.
The Kerberos Key Distribution Center (KDC) is a network service that supplies session tickets and temporary session keys to users and computers within an Active Directory domain. The KDC runs on each domain controller as part of Active Directory Domain Services (AD DS).