Re: Authentication to mapped drives

Tech-Archive recommends: Speed Up your PC by fixing your registry

"jmp13" <jmp13@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6014BEDE-EE54-4CE1-8A1D-5B0386AA0396@xxxxxxxxxxxxxxxx
I have a client who has a wireless network open to students that can gain
access to resources via a mapped drive. I want to know where the
authentication is taking place.


Domain authentiction takes place at the
domain controller (messages exchange
between the user's computer and the DC
through a secure channel.)

NTLM(v2) is reasonably secure; Kerberos more so.

Kerberos is used with both client and DC are running
Win2000 or better. NTLM is used if either side is
running an NT or 9x system.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]


"Herb Martin" wrote:

"jmp13" <jmp13@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:50C4CEB5-C13A-4927-B16D-668D5A62AFA0@xxxxxxxxxxxxxxxx
I was wondering how Windows handleds authentication to mapped drives.
I'm
logged on locally to the workstation, map a drive to file server share
and
enter the domain credentials. Does the request for authentication work?
Does
the FS handled it or is it passed onto the DC?

In general, the user authenticats at logon and acquires
credentials which are passed (not the actual password)
to the file server at first connection which either accepts
or refuses the users connection.

There are differences between the NT/LM (legacy)
authentication & authorization vs. the current (2000+)
Kerberos methods, but the general idea is the same
for resource access.

There is also the possibility to authenticate directly
when attempting to connect with a server for resource
access but this is just an explicit version of one of the
above methods (NTLM or Kerberos) which allows for
connecting to a resource using credentials other than
the one the user provide at logon to the local computer
and/or domain.

What specifically are you trying to understand or solve?

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]





.

Relevant Pages

  • Re: IIS6 - Integrated Authentication Probs
    ... When you use Basic authentication, ... outlined in Chapter 5 of the IIS 6 Resource Kit: ... > b) - Despite the fact these credentials are being parsed, ... > Hence - this is a general problem with the way the web server is using my ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS6 - Integrated Authentication Probs
    ... So I cant go the whole way with constrained delegation, ... > what makes it more secure that Basic authentication. ... >> credentials to authenticate with the target resource. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Kerberos machine authentication - apparent authentication fail
    ... I installed the Resource Kit. ... > mean that kerberos authentication is not being used. ... Three machines are workstations and three are ...
    (microsoft.public.windows.server.security)
  • Re: Integrated Authentication Timeout
    ... Integrated Authentication is an umbrella that actually consists of several ... that connection is presumed to be authenticated as the initial user. ... Kerberos Authentication is something totally different. ...
    (microsoft.public.inetserver.iis.security)
  • Re: localhost vs. macinename in URL (access denied)
    ... Impersonation with Integrated Authentication will work if you are accessing ... a resource on the same machine. ... being delegated to allow delegation or change the computer account to allow ...
    (microsoft.public.dotnet.security)