Sign in with
Sign up | Sign in
Your question

What actions occur with at login?? auth?? ports used??etc..

Tags:
  • Login
  • Security
  • Domain
  • Microsoft
  • Windows
Last response: in Windows 2000/NT
Share
March 8, 2005 8:29:02 AM

Archived from groups: microsoft.public.win2000.security (More info?)

all.

I am looking to find out what actions are taken when a domain user logs into
a domain and also what actions are taken when a user authenticates on a
domain. What ports are used?? If databases are being used what actions are
happening with ODBC and the like??

Thanks in advance.

r

More about : actions occur login auth ports

Anonymous
a b 8 Security
March 8, 2005 1:12:18 PM

Archived from groups: microsoft.public.win2000.security (More info?)

This might help some, I don't know about DB/ODBC components.

How Interactive Logon Works
http://www.microsoft.com/resources/documentation/Window...

John

Rob wrote:

> all.
>
> I am looking to find out what actions are taken when a domain user logs into
> a domain and also what actions are taken when a user authenticates on a
> domain. What ports are used?? If databases are being used what actions are
> happening with ODBC and the like??
>
> Thanks in advance.
>
> r
Anonymous
a b 8 Security
March 8, 2005 6:54:16 PM

Archived from groups: microsoft.public.win2000.security (More info?)

One of the best ways to find out is to enable netmon or Ethereal on a domain
controller when a user logs on. This would be best done on a test network so
that the packet tracing only contains packets exchanged between the domain
controller and the domain client. Ports commonly used or 53 UDP for dns, 135
for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
and 1026 or above for dynamic RPC assignment. The link below is to a paper
on kerberos that explains the kerberos exchange so that a user can obtain a
session ticket, a ticket granting ticket, and a service ticket. The paper
is written to be very understandable. Computers also logon to the domain and
both computer and user have Group Policy applied/refreshed at startup and
logon. When a user simply authenticates to the domain, Group Policy is not
applied. --- Steve

http://www.microsoft.com/windows2000/techinfo/howitwork...

"Rob" <Rob@discussions.microsoft.com> wrote in message
news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
> all.
>
> I am looking to find out what actions are taken when a domain user logs
> into
> a domain and also what actions are taken when a user authenticates on a
> domain. What ports are used?? If databases are being used what actions
> are
> happening with ODBC and the like??
>
> Thanks in advance.
>
> r
March 9, 2005 11:55:18 AM

Archived from groups: microsoft.public.win2000.security (More info?)

thanks for the replies guys.. i am not really looking for generalities of my
system.. i can scan with ethereal if i need to .. i am really looking for the
actual microsoft use of a logon and actions that a guaranteed to happen on
any system, on any domain.. the extras that i have to look for are what i may
have changed with policies and software..

i will look at the links that you supplied me with.. they look good so far..

any others??


r

"Steven L Umbach" wrote:

> One of the best ways to find out is to enable netmon or Ethereal on a domain
> controller when a user logs on. This would be best done on a test network so
> that the packet tracing only contains packets exchanged between the domain
> controller and the domain client. Ports commonly used or 53 UDP for dns, 135
> for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
> and 1026 or above for dynamic RPC assignment. The link below is to a paper
> on kerberos that explains the kerberos exchange so that a user can obtain a
> session ticket, a ticket granting ticket, and a service ticket. The paper
> is written to be very understandable. Computers also logon to the domain and
> both computer and user have Group Policy applied/refreshed at startup and
> logon. When a user simply authenticates to the domain, Group Policy is not
> applied. --- Steve
>
> http://www.microsoft.com/windows2000/techinfo/howitwork...
>
> "Rob" <Rob@discussions.microsoft.com> wrote in message
> news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
> > all.
> >
> > I am looking to find out what actions are taken when a domain user logs
> > into
> > a domain and also what actions are taken when a user authenticates on a
> > domain. What ports are used?? If databases are being used what actions
> > are
> > happening with ODBC and the like??
> >
> > Thanks in advance.
> >
> > r
>
>
>
Anonymous
a b 8 Security
March 10, 2005 12:54:42 AM

Archived from groups: microsoft.public.win2000.security (More info?)

OK. The link below is for a more detailed explanation of kerberos and the
logon and authentication sequence. I don't have as good an article on ntlm
however which will be used for non domain and authentication to downlevel
and external trusts. Good luck. --- Steve

http://www.windowsitlibrary.com/Content/617/06/toc.html

"Rob" <Rob@discussions.microsoft.com> wrote in message
news:4DDA1AF8-9FDE-4ED0-994E-718E401421A6@microsoft.com...
> thanks for the replies guys.. i am not really looking for generalities of
> my
> system.. i can scan with ethereal if i need to .. i am really looking for
> the
> actual microsoft use of a logon and actions that a guaranteed to happen on
> any system, on any domain.. the extras that i have to look for are what i
> may
> have changed with policies and software..
>
> i will look at the links that you supplied me with.. they look good so
> far..
>
> any others??
>
>
> r
>
> "Steven L Umbach" wrote:
>
>> One of the best ways to find out is to enable netmon or Ethereal on a
>> domain
>> controller when a user logs on. This would be best done on a test network
>> so
>> that the packet tracing only contains packets exchanged between the
>> domain
>> controller and the domain client. Ports commonly used or 53 UDP for dns,
>> 135
>> for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
>> and 1026 or above for dynamic RPC assignment. The link below is to a
>> paper
>> on kerberos that explains the kerberos exchange so that a user can obtain
>> a
>> session ticket, a ticket granting ticket, and a service ticket. The
>> paper
>> is written to be very understandable. Computers also logon to the domain
>> and
>> both computer and user have Group Policy applied/refreshed at startup and
>> logon. When a user simply authenticates to the domain, Group Policy is
>> not
>> applied. --- Steve
>>
>> http://www.microsoft.com/windows2000/techinfo/howitwork...
>>
>> "Rob" <Rob@discussions.microsoft.com> wrote in message
>> news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
>> > all.
>> >
>> > I am looking to find out what actions are taken when a domain user logs
>> > into
>> > a domain and also what actions are taken when a user authenticates on a
>> > domain. What ports are used?? If databases are being used what actions
>> > are
>> > happening with ODBC and the like??
>> >
>> > Thanks in advance.
>> >
>> > r
>>
>>
>>
!