Specifications

2.9.6 Network server authentication
Network environment and protocol
Network authentication is domain authentication against Windows NT 4.0 Server, Windows 2000 and
2003 Server (Active Directory).
The authentication protocols for Windows 2000 and 2003 Server are Kerberos (encryption algorithm:
RSA RC4) and SMB (NTLM version 2). Windows NT 4.0 Server should be SP4 or later.
The network server is specified by the domain name.
Windows NT uses WINS and broadcast to detect the server (domain controller).
Active Directory uses the DNS SRV record (_ldap._tcp.<domain name>) to detect the server
(domain controller). A DNS server that contains the domain controller information and supports
SRV records should be registered to the NGP.
Active Directory uses LDAP to acquire user information, such as the user's e-mail address, from the
directory.
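
The domain controller lookup described above (SRV record _ldap._tcp.<domain name>), as an added example that is not part of the original manual: it builds the DNS query and parses the SRV answers out of a constructed reply, guarding against error replies and compression-pointer loops. The domain corp.example, the host names dc1/dc2 and all function names are assumptions.

```python
import struct
SRV = 33  # DNS resource record type for SRV (RFC 2782)

def encode_name(name):  # dotted name -> length-prefixed DNS labels
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_srv_query(domain, txid=0x1234):
    """Query for _ldap._tcp.<domain>: type SRV, class IN, recursion desired."""
    return (struct.pack(">6H", txid, 0x0100, 1, 0, 0, 0)
            + encode_name("_ldap._tcp." + domain) + struct.pack(">HH", SRV, 1))

def read_name(msg, off, hops=0):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels = []
    while (n := msg[off]):
        if n & 0xC0 == 0xC0:  # compression pointer to an earlier name
            if hops > 16:
                raise ValueError("compression pointer loop")
            labels.append(read_name(msg, ((n & 0x3F) << 8) | msg[off + 1], hops + 1)[0])
            return ".".join(filter(None, labels)), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def parse_srv_response(msg):
    """Return (priority, weight, port, target) sorted by priority, then weight (high first)."""
    _, flags, qd, an = struct.unpack(">4H", msg[:8])
    if flags & 0x000F:
        raise ValueError("DNS error, rcode %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):  # skip the echoed question section
        off = read_name(msg, off)[1] + 4
    records = []
    for _ in range(an):
        off = read_name(msg, off)[1]  # owner name
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == SRV:
            fields = struct.unpack(">3H", msg[off + 10:off + 16])
            records.append(fields + (read_name(msg, off + 16)[0],))
        off += 10 + rdlen
    return sorted(records, key=lambda r: (r[0], -r[1]))

def sample_response(domain="corp.example"):
    """Constructed reply (not captured traffic) naming two hypothetical DCs."""
    msg = struct.pack(">6H", 0x1234, 0x8180, 1, 2, 0, 0) + build_srv_query(domain)[12:]
    for prio, host in ((10, "dc2"), (0, "dc1")):
        rdata = struct.pack(">3H", prio, 100, 389) + encode_name(host)[:-1] + b"\xc0\x17"
        msg += b"\xc0\x0c" + struct.pack(">HHIH", SRV, 1, 600, len(rdata)) + rdata
    return msg
```

RFC 2782 selects randomly by weight among records of equal priority; the fixed ordering here is a simplification. An error rcode or an empty result from the DNS server registered on the device means that server cannot be used to locate a domain controller.
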

Figure 1 : Basic authentication flow for Active Directory
Participants: NGP, DNS, DC
1 Search for Data Center
2 Search result
3 Kerberos authentication
4 Authentication result
5 User information acquisition (LDAP)
6 LDAP result

Figure 2 : Basic authentication flow for Windows NT
Participants: NGP, WINS, DC
1 Search for Data Center (DC)
2 Search result
3 DC search on NBT Broadcast (when WINS failed)
4 Search result (when WINS failed)
5 Kerberos authentication
6 Authentication result