Active Directory

What are the 3 main parts of Kerberos?

Kerberos-authentication-issues

Kerberos is a network authentication protocol that provides secure authentication for client/server applications by using secret-key cryptography. The Kerberos protocol is composed of three main parts:

  1. Authentication Server (AS): The AS is responsible for initial authentication of a user. When a user wants to access a network resource, they send a request to the AS for a ticket-granting ticket (TGT). The AS verifies the user’s identity and creates a TGT, which contains the user’s identity and a secret key that can be used to authenticate the user to other servers in the network.
  2. Ticket-Granting Server (TGS): The TGS is responsible for issuing service tickets to users. When a user wants to access a specific network resource, they send a request to the TGS for a service ticket. The TGS verifies the user’s identity by checking the TGT, and then creates a service ticket that contains the user’s identity and a session key that can be used to encrypt and decrypt messages between the user and the server hosting the resource.
  3. Client: The client is the user or application that wants to access a network resource. The client sends requests to the AS and TGS to obtain the necessary tickets to access resources in the network. Once the client has obtained the necessary tickets, it can use them to authenticate itself to servers in the network and access the resources it needs.

These three parts work together in a series of exchanges to provide secure authentication and authorization for users and applications in a network environment. By using secret-key cryptography and a trusted third-party (the Kerberos server), the Kerberos protocol provides a high level of security and protection against network attacks such as eavesdropping, tampering, and replay attacks.

So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!

Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.

You can also share the feedback on below windows techno email id.

If you have any questions, feel free to contact us onadmin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.

 

How useful was this post?

Click on a star to rate it!

As you found this post useful...

Follow us on social media!

Was this article helpful?
YesNo

Vipan Kumar

He is an Active Directory Engineer. He has been working in IT industry for more than 10 years. He is dedicated and enthusiastic information technology expert who always ready to resolve any technical problem. If you guys need any further help on subject matters, feel free to contact us on admin@windowstechno.com Please subscribe our Facebook page as well website for latest article. https://www.facebook.com/windowstechno

Leave a Reply

Back to top button