How windows OS authenticates domain username and password when the user is not connected to the domain controller / offline mode
HI,
I have been reading about Kerberos authentication mechanism on the internet recently. I totally understand how the KDC issues TGT/ service tickets and exchange keys to get mutually authenticated. All this happens when the client is connected
on the network.
Microsoft has implemented its own tweaked version of Kerberos authentication. I understand it works when user is connected to the network.
I want to know how windows authenticates user by validating username and password, when the user is not on the network (you can call this disconnected or offline mode)
Can somebody explain me the concept or guide me to resources online.
Thanks in advance for the answer
Ganapatsa
March 7th, 2012 6:20am
If Kerberos fails, as KDC not available on the Internet, it will fallback to using NTLM:
http://en.wikipedia.org/wiki/NTLM
Cheers
JJJason Jones |
Forefront MVP | Silversands Ltd | My Blogs:
http://blog.msedge.org.uk and
http://blog.msfirewall.org.uk
Free Windows Admin Tool Kit Click here and download it now
March 7th, 2012 6:52am