Manualshelf

HP CIFS Server 3.0d Administrator's Guide version A.02.02 (Edition 5)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
191192193194195196197198199200
Kerberos Support
Kerberos Overview
Chapter 8182
Kerberos CIFS Authentication Example
Figure 8-1 Kerberos Authentication Environment
The following describes a typical Kerberos logon and share service
exchange using Kerberos authentication in an Windows 2000/2003
domain environment shown in Figure 8-1:
1. The Windows Client sends the principal name and password to the
Authentication Server (AS) when running a user netlogon command.
2. The AS validates the principal and sends credentials to the Windows
client, including a Ticket Granting Ticket (TGT) and associated session
key that allows the client to access the Windows KDC.
3. The Windows client uses the session key and the TGT to request a
service ticket for a share service from Ticket Granting Service (TGS).
4. TGS sends the service ticket and other information to the Windows
client.
indows 2000/2003 KDC
AS TGS
HP CIFS Server
Resource
1
234
6
5
W
Authenticatee
Authenticator
Windows 2000 or XP Client