Problem solve Get help with specific problems with your technologies, process and projects.

Single Sign-On (SSO) for a mixed environment

Win2k default authentication is Kerberos v5 implemented by Microsoft. Can a different authentication method be chosen, and I am not talking about IPSEC? For example, IBM's software for NT like Tivoli's SecureWay Products, other AIX products, Sun or SCO Products. Am I not really asking about a Single Sign-On (SSO) for a mixed environment?

One feature of Windows 2000 is the ability to support different authentication methods via the Security Support Provider (SSP). Windows 2000 supports three primary SSP's. They are:

*Microsoft Kerberos
*NTLM Challenge/Response
*SChannel Security Protocols

While Kerberos is the default authentication method in Windows 2000, other methods could be used through the Security Support Provider Interface or SSPI. The SSPI provides an interface by which the client can communicate with an installed security service library. The idea here is that other third-party security providers developing their own authentication libraries to interface with Windows 2000.

In addition, Windows 2000 uses these network SSPs to provide authentication services using digital certificates:

*Distributed Password Authentication (DPA) - an Internet authentication protocol
*Extensible Authentication Protocol (EAP) - extension to Point-to-Point (PPP) protocol
*Public key-based protocols - this includes SSL, TLS1 and Private Communication Technology

Dig Deeper on Enterprise desktop management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.