What actions occur with at login?? auth?? ports used??etc..

Archived from groups: microsoft.public.win2000.security (More info?)

all.

I am looking to find out what actions are taken when a domain user logs into
a domain and also what actions are taken when a user authenticates on a
domain. What ports are used?? If databases are being used what actions are
happening with ODBC and the like??

Thanks in advance.

r
4 answers Last reply
More about what actions occur login auth ports used
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    This might help some, I don't know about DB/ODBC components.

    How Interactive Logon Works
    http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/techref/en-us/Default.asp?url=/Resources/Documentation/windowsserv/2003/all/techref/en-us/w2k3tr_intlg_how.asp

    John

    Rob wrote:

    > all.
    >
    > I am looking to find out what actions are taken when a domain user logs into
    > a domain and also what actions are taken when a user authenticates on a
    > domain. What ports are used?? If databases are being used what actions are
    > happening with ODBC and the like??
    >
    > Thanks in advance.
    >
    > r
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    One of the best ways to find out is to enable netmon or Ethereal on a domain
    controller when a user logs on. This would be best done on a test network so
    that the packet tracing only contains packets exchanged between the domain
    controller and the domain client. Ports commonly used or 53 UDP for dns, 135
    for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
    and 1026 or above for dynamic RPC assignment. The link below is to a paper
    on kerberos that explains the kerberos exchange so that a user can obtain a
    session ticket, a ticket granting ticket, and a service ticket. The paper
    is written to be very understandable. Computers also logon to the domain and
    both computer and user have Group Policy applied/refreshed at startup and
    logon. When a user simply authenticates to the domain, Group Policy is not
    applied. --- Steve

    http://www.microsoft.com/windows2000/techinfo/howitworks/security/kerberos.asp

    "Rob" <Rob@discussions.microsoft.com> wrote in message
    news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
    > all.
    >
    > I am looking to find out what actions are taken when a domain user logs
    > into
    > a domain and also what actions are taken when a user authenticates on a
    > domain. What ports are used?? If databases are being used what actions
    > are
    > happening with ODBC and the like??
    >
    > Thanks in advance.
    >
    > r
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    thanks for the replies guys.. i am not really looking for generalities of my
    system.. i can scan with ethereal if i need to .. i am really looking for the
    actual microsoft use of a logon and actions that a guaranteed to happen on
    any system, on any domain.. the extras that i have to look for are what i may
    have changed with policies and software..

    i will look at the links that you supplied me with.. they look good so far..

    any others??


    r

    "Steven L Umbach" wrote:

    > One of the best ways to find out is to enable netmon or Ethereal on a domain
    > controller when a user logs on. This would be best done on a test network so
    > that the packet tracing only contains packets exchanged between the domain
    > controller and the domain client. Ports commonly used or 53 UDP for dns, 135
    > for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
    > and 1026 or above for dynamic RPC assignment. The link below is to a paper
    > on kerberos that explains the kerberos exchange so that a user can obtain a
    > session ticket, a ticket granting ticket, and a service ticket. The paper
    > is written to be very understandable. Computers also logon to the domain and
    > both computer and user have Group Policy applied/refreshed at startup and
    > logon. When a user simply authenticates to the domain, Group Policy is not
    > applied. --- Steve
    >
    > http://www.microsoft.com/windows2000/techinfo/howitworks/security/kerberos.asp
    >
    > "Rob" <Rob@discussions.microsoft.com> wrote in message
    > news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
    > > all.
    > >
    > > I am looking to find out what actions are taken when a domain user logs
    > > into
    > > a domain and also what actions are taken when a user authenticates on a
    > > domain. What ports are used?? If databases are being used what actions
    > > are
    > > happening with ODBC and the like??
    > >
    > > Thanks in advance.
    > >
    > > r
    >
    >
    >
  4. Archived from groups: microsoft.public.win2000.security (More info?)

    OK. The link below is for a more detailed explanation of kerberos and the
    logon and authentication sequence. I don't have as good an article on ntlm
    however which will be used for non domain and authentication to downlevel
    and external trusts. Good luck. --- Steve

    http://www.windowsitlibrary.com/Content/617/06/toc.html

    "Rob" <Rob@discussions.microsoft.com> wrote in message
    news:4DDA1AF8-9FDE-4ED0-994E-718E401421A6@microsoft.com...
    > thanks for the replies guys.. i am not really looking for generalities of
    > my
    > system.. i can scan with ethereal if i need to .. i am really looking for
    > the
    > actual microsoft use of a logon and actions that a guaranteed to happen on
    > any system, on any domain.. the extras that i have to look for are what i
    > may
    > have changed with policies and software..
    >
    > i will look at the links that you supplied me with.. they look good so
    > far..
    >
    > any others??
    >
    >
    > r
    >
    > "Steven L Umbach" wrote:
    >
    >> One of the best ways to find out is to enable netmon or Ethereal on a
    >> domain
    >> controller when a user logs on. This would be best done on a test network
    >> so
    >> that the packet tracing only contains packets exchanged between the
    >> domain
    >> controller and the domain client. Ports commonly used or 53 UDP for dns,
    >> 135
    >> for RPC, 88 UDP for kerberos, 139/445 TCP for smb/cifs, 389 UDP for ldap,
    >> and 1026 or above for dynamic RPC assignment. The link below is to a
    >> paper
    >> on kerberos that explains the kerberos exchange so that a user can obtain
    >> a
    >> session ticket, a ticket granting ticket, and a service ticket. The
    >> paper
    >> is written to be very understandable. Computers also logon to the domain
    >> and
    >> both computer and user have Group Policy applied/refreshed at startup and
    >> logon. When a user simply authenticates to the domain, Group Policy is
    >> not
    >> applied. --- Steve
    >>
    >> http://www.microsoft.com/windows2000/techinfo/howitworks/security/kerberos.asp
    >>
    >> "Rob" <Rob@discussions.microsoft.com> wrote in message
    >> news:EB3A40D1-553D-4006-B2C9-4D9B9BAA5E7B@microsoft.com...
    >> > all.
    >> >
    >> > I am looking to find out what actions are taken when a domain user logs
    >> > into
    >> > a domain and also what actions are taken when a user authenticates on a
    >> > domain. What ports are used?? If databases are being used what actions
    >> > are
    >> > happening with ODBC and the like??
    >> >
    >> > Thanks in advance.
    >> >
    >> > r
    >>
    >>
    >>
Ask a new question

Read More

Login Security Domain Microsoft Windows