Re: How to comprehend "security principal"?
From: Glenn L (the.only(delete)_at_gmail.com)
Date: 11/04/04
- Next message: Mike: "automated user creation"
- Previous message: Glenn L: "Re: Domain rename in windows 2003"
- In reply to: Dave Shaw [MVP - Directory Services]: "Re: How to comprehend "security principal"?"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 3 Nov 2004 20:32:15 -0800
Additionally, security principles are referenced by the OS using a SID that
is assigned to the principle.
The SID is a globally unique number that includes the domain SID and a
unique RID (relative identifier)
When a principle authenticates to the domain (only users and computers can
authenticate), it recieves a "token", which is a data structure that
contains, among other things, the SIDs of all the groups to which the
principle is a member.
The principle presents this token to any resource it wishes to access.
-- Glenn L CCNA, MCSE (2000,2003) + Security "Dave Shaw [MVP - Directory Services]" <dhshaw@NO-SPAM.msn.com> wrote in message news:OKJq%237awEHA.1984@TK2MSFTNGP14.phx.gbl... >A "Security Principal" is an entity, represented by an object in the > directory, that has the ability to access directory resources such as, > data > on drives, printers, objects in the directory itself, etc. Security > Principals are either assigned rights or inherit them. > > In Active Directory, there are three recognized Security Principals: > Users, > Computers, and Groups. In other directories, you might find that > Organizational Units are Security Principals as well (the subject of > intense > debate at times). > > -ds > > > "Leo Zhang" <zhjno1xp@163.com> wrote in message > news:u4LiAyXwEHA.4004@tk2msftngp13.phx.gbl... >> How to comprehend "security principal"? >> >> > >
- Next message: Mike: "automated user creation"
- Previous message: Glenn L: "Re: Domain rename in windows 2003"
- In reply to: Dave Shaw [MVP - Directory Services]: "Re: How to comprehend "security principal"?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
