sécurité de connexion outlook 2003 vers exchange 2003
1 réponse
maquin adrien
bonjour,
serait-il possible de me dire qu'elles sont les caractéristiques des ces
différentes authentifications sous outllok 2003
-Authentification par mot de passe Kerberos/NTLM
-Auhtentification par mot de passe kerberos
-authentification par mot de passse NTLM
MERCI
maquin adrien
In the NTLM protocol, the client sends the user name to the server; the server generates and sends a challenge to the client; the client encrypts that challenge using the user’s password; and the client sends a response to the server.If it is a local user account, server validate user's response by looking into the Security Account Manager; if domain user account, server forward the response to domain controller for validating and retrive group policy of the user account, then construct an access token and establish a session for the use.
Kerberos authentication provides a mechanism for mutual authentication between a client and a server on an open network.The three heads of Kerberos comprise the Key Distribution Center (KDC), the client user and the server with the desired service to access. The KDC is installed as part of the domain controller and performs two service functions: the Authentication Service (AS) and the Ticket-Granting Service (TGS). When the client user log on to the network, it request a Ticket Grant Ticket(TGT) from the AS in the user's domain; then when client want to access the network resources, it presents the TGT, an authenticator and Server Principal Name(SPN) of the target server, contact the TGS in the service account domain to retrive a session ticket for future communication w/ the network service, once the target server validate the authenticator, it create an access token for the client user.
Pour faire du kerberos, il faut être en exchange 2003 / windows 2003 pour les DCs et Outlook 2003. Kerberos est plus sûr.
Le 1er mode dans outlook signifie qu'outlook va essayer de se connecter en kerberos et si cela échoue il essayera en ntlm
aurélia "maquin adrien" wrote in message news:
bonjour,
serait-il possible de me dire qu'elles sont les caractéristiques des ces différentes authentifications sous outllok 2003 -Authentification par mot de passe Kerberos/NTLM -Auhtentification par mot de passe kerberos -authentification par mot de passse NTLM MERCI maquin adrien
il y a 2 types d'authentification : kerberos ou ntlm. Voir la définition
ci-dessous ( désoél en anglais)
Kerberos VS NTLM
In the NTLM protocol, the client sends the user name to the server; the
server generates and sends a challenge to the client; the client encrypts
that challenge using the user’s password; and the client sends a response to
the server.If it is a local user account, server validate user's response by
looking into the Security Account Manager; if domain user account, server
forward the response to domain controller for validating and retrive group
policy of the user account, then construct an access token and establish a
session for the use.
Kerberos authentication provides a mechanism for mutual authentication
between a client and a server on an open network.The three heads of Kerberos
comprise the Key Distribution Center (KDC), the client user and the server
with the desired service to access. The KDC is installed as part of the
domain controller and performs two service functions: the Authentication
Service (AS) and the Ticket-Granting Service (TGS). When the client user log
on to the network, it request a Ticket Grant Ticket(TGT) from the AS in the
user's domain; then when client want to access the network resources, it
presents the TGT, an authenticator and Server Principal Name(SPN) of the
target server, contact the TGS in the service account domain to retrive a
session ticket for future communication w/ the network service, once the
target server validate the authenticator, it create an access token for the
client user.
Pour faire du kerberos, il faut être en exchange 2003 / windows 2003 pour
les DCs et Outlook 2003.
Kerberos est plus sûr.
Le 1er mode dans outlook signifie qu'outlook va essayer de se connecter en
kerberos et si cela échoue il essayera en ntlm
aurélia
"maquin adrien" <adrien_maquin@hotmail.fr> wrote in message
news:87DD6E2A-F898-462F-AF58-8CD17129F752@microsoft.com...
bonjour,
serait-il possible de me dire qu'elles sont les caractéristiques des ces
différentes authentifications sous outllok 2003
-Authentification par mot de passe Kerberos/NTLM
-Auhtentification par mot de passe kerberos
-authentification par mot de passse NTLM
MERCI
maquin adrien
In the NTLM protocol, the client sends the user name to the server; the server generates and sends a challenge to the client; the client encrypts that challenge using the user’s password; and the client sends a response to the server.If it is a local user account, server validate user's response by looking into the Security Account Manager; if domain user account, server forward the response to domain controller for validating and retrive group policy of the user account, then construct an access token and establish a session for the use.
Kerberos authentication provides a mechanism for mutual authentication between a client and a server on an open network.The three heads of Kerberos comprise the Key Distribution Center (KDC), the client user and the server with the desired service to access. The KDC is installed as part of the domain controller and performs two service functions: the Authentication Service (AS) and the Ticket-Granting Service (TGS). When the client user log on to the network, it request a Ticket Grant Ticket(TGT) from the AS in the user's domain; then when client want to access the network resources, it presents the TGT, an authenticator and Server Principal Name(SPN) of the target server, contact the TGS in the service account domain to retrive a session ticket for future communication w/ the network service, once the target server validate the authenticator, it create an access token for the client user.
Pour faire du kerberos, il faut être en exchange 2003 / windows 2003 pour les DCs et Outlook 2003. Kerberos est plus sûr.
Le 1er mode dans outlook signifie qu'outlook va essayer de se connecter en kerberos et si cela échoue il essayera en ntlm
aurélia "maquin adrien" wrote in message news:
bonjour,
serait-il possible de me dire qu'elles sont les caractéristiques des ces différentes authentifications sous outllok 2003 -Authentification par mot de passe Kerberos/NTLM -Auhtentification par mot de passe kerberos -authentification par mot de passse NTLM MERCI maquin adrien
