Difference between Kerberos and NTLM Authentication Protocols?
MicroSoft recommends to use windows Authenitaction for SharePoint Applications. Windows Authentications can use either NTLM or Kerberose depends on the requirement.
NTLM
1.symmetric cryptography
2.trusted thirdparty:domain controller
3.microsoftsupported p/f:Win 98,2000,xp,windowsserver2003
4.features:slower authentication because of pass throgh authentication
5.no mutual authentication
6.No support of delegation of authentication
7.No support of smart card login features
8.proprietery:microsoft authentication protocol
9.No protection for authorization data carried in ntlm message
Kerberos
1.Basic kerberos:symmetic cryptographykerberos PKINT:Symmetric and asymmetric
2.Basic kerberos:domain controller with KDC serviceskerberos PKINT:domain controller with KDC service and Enterprise CA
3.Microsoft supported p/f:Win 2000,xp,windows server 20034.features:faster authetication because of unique ticketing systems
3.mutual authentication
4.support for delegation of authetication
5.supprot for smart card logon features
6.proprietery:open standard
7.cyptographic protection for authorization data carried in kerberos tickets
No comments:
Post a Comment