Windows Authentication

• Authenticating with Local User
• Authenticating with Domain User

It can also be grouped as:

• Interactive Authentication : Where windows ask User for credential
• Non-Interactive Authentication : Where user does not specify credentials

Authenticating with Local User

When a local user authenticate the the windows os checks the user credentials with the locally stored user credentials in the SAM

Authenticating with Domain User

A domain User belongs to a specific AD Domain, when a user authenticates, his credentials is compared with that specified in the Domain controller. Remote logins requires administration priviledges

Authentication Packages

Logon Sessions

Access Token

• Process Tokens (Primary Token)
• Thread Tokens (Impersonation Token)