When a computer is in a workgroup it manages its own authentication and security. When it joins a domain, it establishes a trust with the domain controller. This allows users to be authenticated to either its own security accounts manager (SAM) database and its own local identity store or it confirms authentication with authentication services [...]

There are two main authentication methods for Active Directory, Kerberos and NT Lan Manager (NTLM). (However, any operating system is capable of using Kerberos.) Kerberos was originally developed by MIT and is named after the three headed dog in Greek mythology that guarded the gates of Hades. The protocol was named Kerberos because authentication is [...]

This is a video about auditing account logon events. It records successful and failed account log on events to a Microsoft Windows server 2008 domain. In an Active Directory environment, these events will be recorded to the domain controllers event viewer and must be viewed there. This feature is available on Server 2008, 2003, and [...]

This is a video on how to audit object access on a Server 2008 domain controller (DC) and a client of the domain. I deny permission to a folder for a user and then view the record in the security log in event viewer. Remember that events are always recorded on the local machine. These [...]