![]() ![]() The Winlogon service initiates the logon process for Windows operating systems by passing the credentials collected by user action on the secure desktop (Logon UI) to the Local Security Authority (LSA) through Secur32.dll.Īpplication or service logons that do not require interactive logon. ![]() Winlogon.exe is the executable file responsible for managing secure user interactions. The following table describes each component that manages credentials in the authentication process at the point of logon.Īuthentication components for all systems Component The following diagram shows the components that are required and the paths that credentials take through the system to authenticate the user or process for a successful logon. A copy of the SAM database is also stored here, although it is write-protected. Stored information includes policy settings, default security values, and account information, such as cached logon credentials. Local security information is stored in the registry under HKEY_LOCAL_MACHINE\SECURITY. Credentials are collected through user input on the logon user interface or programmatically via the application programming interface (API) to be presented to the authenticating target. The credentials used in authentication are digital documents that associate the user's identity to some form of proof of authenticity, such as a certificate, a password, or a PIN.īy default, Windows credentials are validated against the Security Accounts Manager (SAM) database on the local computer, or against Active Directory on a domain-joined computer, through the Winlogon service. In the case of a domain-joined computer, the authenticating target is the domain controller. Windows credentials management is the process by which the operating system receives the credentials from the service or user and secures that information for future presentation to the authenticating target. This reference topic for the IT professional describes how Windows authentication processes credentials. Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016
0 Comments
Leave a Reply. |