|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
what's the difference between a connect, bind and authentication?In the AD world, and in layman's terms please, what's the difference between
a connect, a bind and an authentication? Does a user for instance do all three of these when he logs on in the morning? -- Spin Connect and Bind are LDAP terms really, so they aren't related to a network
logon. Logging into a machine on the domain does not use LDAP. When doing LDAP, a connection is established to a directory by opening a socket. A Bind operation in LDAP authenticates the user and changes the state of the connection to "authenticated" until another bind or unbind is performed. Operations performed after a bind will be done using the security context of the user who authenticated. Note that if logon scripts are involved, they may very well be coded to do LDAP operations, but they are not specifically part of the login. Joe K. Show quoteHide quote "Spin" <S***@spin.com> wrote in message news:43vd3eF1peee8U1@individual.net... > In the AD world, and in layman's terms please, what's the difference > between a connect, a bind and an authentication? Does a user for instance > do all three of these when he logs on in the morning? > > -- > Spin > > Thank you Joe. So just to confirm. My mind gets sometimes muddled. When a
user logs on, the machine uses DNS to locate domain controllers in the users site, and the user then authenticates to the Active Directory instance on the domain controller DNS sent him to. Kerberos does this authentication, and LDAP is not involved in this situation at all? -- Show quoteHide quoteSpin "Joe Kaplan (MVP - ADSI)" <joseph.e.kap***@removethis.accenture.com> wrote in message news:eo895d4IGHA.1424@TK2MSFTNGP12.phx.gbl... > Connect and Bind are LDAP terms really, so they aren't related to a > network logon. Logging into a machine on the domain does not use LDAP. > > When doing LDAP, a connection is established to a directory by opening a > socket. A Bind operation in LDAP authenticates the user and changes the > state of the connection to "authenticated" until another bind or unbind is > performed. Operations performed after a bind will be done using the > security context of the user who authenticated. > > Note that if logon scripts are involved, they may very well be coded to do > LDAP operations, but they are not specifically part of the login. > > Joe K. > > "Spin" <S***@spin.com> wrote in message > news:43vd3eF1peee8U1@individual.net... >> In the AD world, and in layman's terms please, what's the difference >> between a connect, a bind and an authentication? Does a user for >> instance do all three of these when he logs on in the morning? >> >> -- >> Spin >> >> > > 
Other interesting topics
CSVDE ERROR
LDAP query failing DSGET & DSQUERY Problem Is there ~1000 value limit for multi-valued attributes is ADAM? NTDS ISAM and NTDS SDPROP errors User logon connection dropped overnight. Slow logon when appying personal settings certificate of type DomainController has failed Any way to tell owner of files on file server? Complex Passwords |
|||||||||||||||||||||||
