Solved

difference between Windows account and Active Directory

Posted on 2009-05-05
2
773 Views
Last Modified: 2013-12-19

Hi

what is the difference between Windows account and Active Directory
thanks,
0
Comment
Question by:ram27
2 Comments
 
LVL 4

Expert Comment

by:Macros82
ID: 24310119
That is an odd question.

Active Directory is a centralised platform/directory for managing permissions on user and computer accoutns and for applying group policy for a Windows Domain. It also provides a Domain authenitcaiton which is more secure than local authentication
Windows account is... well im not sure what you are talking about here. Are you talking about local machine accounts?
0
 
LVL 7

Accepted Solution

by:
askb earned 500 total points
ID: 24492289
In a Windows environment, a user bootstraps the authentication process by pressing CTRL+ALT+DEL [this is known as the Secure Attention Sequence (SAS)] to log on to a machine or a domain. Microsoft calls this method of authenticating a user to the Windows system an interactive logon feature or local logon feature. A valid interactive logon feature results in a logon session. If a user wants to access a resource that is located on another machine during its logon session, another authentication process will be started: This authentication process is referred to as a noninteractive logon method or network logon method. A valid noninteractive logon method results in a network logon session.

Every entity that authenticates to a Windows system is called a principal. A principal is identified by its Security Identifier (SID); to prove its identity during an authentication process, a principal uses credentials. Credentials allow principals to be distinguished from one another and to identify them. Examples of credentials are a principals account name and its password. If the operating system accepts this type of credentials for authentication, the fact that the principal knows its account name and password is regarded by the operating system as a proof of its identity. Do not confuse principal and account: An account is a record in an authentication authoritys database; a principal is an entity that can be identified by a Windows system. 

The authentication authority differs depending on what you are logging on to. If you log on locally to a machine, it is the Local Security Authority (LSA) on the machine itself, but if you log on to a domain, authentication is performed against the LSA of a domain controller. To be able to validate a principals identity, the authentication authority needs a copy of a principals credentials, which are stored in the authentication database.


For more details read book - "Windows Server 2003 Security Infrastructure" which covers lots of stuff and is quite comprehensive.

0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Read about achieving the basic levels of HRIS security in the workplace.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now