The Kerberos protocol is an authentication protocol for client/server applications. For authentication purposes, tickets are given to the clients from the Kerberos Key Distribution Center (KDC). The Kerberos ticket is presented to the servers after the connection has been established. Kerberos authentication tickets represent the client’s network credentials.
Windows Challenge/Response(NTLM) is the authentication protocol used on networks that include systems running the Windows operating system and on stand-alone systems.
Windows authentication uses either Kerberos authentication protocol or NTLM authentication protocol, depending on the client and server configurations.
NTLM Authentication Protocol:
The NEGOTIATE_MESSAGE defines an NTLM Negotiate message that is sent from the client to the server. This message allows the client to specify its supported NTLM options to the server.
The CHALLENGE_MESSAGE defines an NTLM challenge message that is sent from the server to the client and it is used by the server to challenge the client to prove its identity.
The AUTHENTICATE_MESSAGE defines an NTLM authenticate message that is sent from the client to the server after the CHALLENGE_MESSAGE is processed by the client.
KERBEROS AUTHENTICATION PROTOCOL:
Message A: Client/TGS Session Key encrypted using the secret key of the client/user.
Message B: Ticket-Granting-Ticket encrypted using the secret key of the TGS.
Message C: Composed of the TGT from message B and the ID of the requested service.
Message D: Authenticator encrypted using the Client/TGS Session Key.
Message E: client-to-server ticket encrypted using the service's secret key.
Message F: Client/Server Session Key encrypted with the Client/TGS Session Key.
Message G: a new Authenticator, which includes the client ID, timestamp and is encrypted using Client/Server Session Key.
Message H: the timestamp found in the client's Authenticator encrypted using the Client/Server Session Key.
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.