Contact info for Tech Philly
Home  •  Contact  •  Services  •  Support

            Tech Solutions

PC Upgrades Upgrades
Data Recovery Data Recovery
Computer Repair, Maintenance, and update Maintenance
Security From Viruses, Hackers, and Spyware Security
Network Solutions Networks
Website Search Engine Optimization Google Rank Increase Websites
Computer Repair Philadelphia Gateway Compaq Custom Systems

  • Location Service
  • 24/7 Help

Philadelphia Computer Tech Support
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

Security Support Providers
When the system is booted, Windows 2000 Server automatically starts two Security Support Providers
(SSPs): the Kerberos SSP and the NTLM SSP. Both SSPs are started by the LSA, and both are available to
authenticate network logons and connections between clients and servers. Windows 2000 Server defaults to
using the Kerberos SSP unless the client is not capable of using Kerberos, as is the case with Windows 9x. In
that case the NTLM SSP is used. The NTLM SSP is also used for Windows 2000 Servers that are configured
as member servers or stand-alone servers and also for logging on a domain controller locally instead of on
the domain. (Figure 3.14 outlines the process used when you log on locally.) The Kerberos SSP is used first
for authentication because it is the default for Windows 2000. However, if the user is logging on locally, an
error is sent to the Security Support Provider Interface (SSPI), and then the SSPI sends the logon request to
Figure 3.14 This is the logon process for local logons.
Credentials Cache
The client uses an area of volatile memory called the credentials cache. This area of memory is protected by
the LSA, and it can never be put in the pagefile on the hard disk drive. When the user logs off the system,
everything in the area of memory used for the credentials cache is flushed.
The Kerberos SSP controls the credentials cache and is used to attain as well as renew tickets and keys. The
LSA is responsible for notifying the Kerberos SSP when these functions need to be performed.
The LSA also keeps a copy of the userís hashed password in a secure portion of the registry while the user is
01 - 02 - 03 - 04 - 05 - 06 - 07 - 08 - 09 - 10 - 11 - 12 - 13 - 14 - 15 - 16 - 17 - 18 - 19 - 20 -

  Home Contact Data Recovery Search Engine Web Design/Hosting Networks

Serving the Philadelphia area with the best in tech service and support.

Tech Philly Custom Systems Data Recovery Emergency Service Maintenance Network Service Onsite Service Repair Security Software Spyware Upgrades Viruses Website Design Website Hosting Wireless Computer