Category Archives: Active Directory

User Rights in Server 2012


Rights are authorized action a user can perform on the system. They are tightly coupled with permissions which are applied at object level. These user rights can be applied through local policies or centralized group Continue reading

Creating Roaming Profile – Quick and Easy

RoamingicoA profile is a folder that contains all the settings pertaining to a users work environment on the system. By default these settings are stored under C:/Users Folder or C:/Documents and Settings in older operating system. A roaming profile on the other hand is stored on a network drive instead of a local folder . It is downloaded and cached on the system where user logs on.This cached profile is saved back to the server once the user logs out of the system. The advantage here is that user can log on to any system and have a consistent work environment.

Creating a roaming profile is not that complicated. Lets quickly go through the basic steps Continue reading

Winlogon and its function

Understanding Winlogon and its functions.

We usually come across the term Winlogon in windows world and the first perception that we get is that this process might be used for handling interactive logons. This is partially correct but there’s a lot more in it that winlogon does.A legitimate winlogon process runs from “%Systemroot%\System32\Winlogon.exe” so make sure that you don’t get fooled by a virus or a Trojan running a process as winlogon from some other location.Let’s understand its role in different scenarios. Continue reading

An Introduction to NTLM (NT Lan Manager) and its Overview.

An Introduction to NTLM (NT Lan Manager) and its Overview.
LM\NTLM has been used as an authentication protocol in windows family since beginning. Lets walk back to get a clear picture about its evolution.
1.LM (Lan Manager)
This was the first form of secured versions of authentication protocols used by windows family since windows 95 and 98. However this version is rarely used and is now considered as one of the least secured in its type.
2. NTLM Version 1 – A better version of LM available with Windows NT and above. An authentication protocol considered as more improved and secured than LM, since it closed up a major security flaws present in LM.
3. NTLM Version 2 – The Most secured version in its family which is currently supported by Windows NT with SP4 and all above version of Windows Operating Systems. Continue reading

Kerberos in Windows – An Overview

Kerberos is used since a long time as an authentication protocol in the UNIX world. It entered the Windows family with Windows 2000 and is used with all the OS releases till date. Windows Active Directory uses Kerberos as a default authentication protocol. Its major advantage over other authentication schemes is its interoperability with Unix systems. When coupled with a strong password, Kerberos is considered to be the toughest to break through. Kerberos V5 is the current version used in the Windows Family. Continue reading

GPO – Kerberos Policies

What are Active Directory Kerberos Policies?

Kerberos remains the default authentication protocol in the active directory environment. There are five kerberos policies that directly relate to active directory authentication. These policies are supposed to be configured at the default domain level. Let’s walk through each of these policies in brief.

1. Enforce User Logon Restriction – The policy ensures that every Continue reading