Skip to main content

Utilizing the Windows 2000 Authorization Data in Kerberos Tickets for Access Control to Resources

Document Type Expired Internet-Draft (individual)
Expired & archived
Author John Brezak
Last updated 2002-10-16
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Microsoft Windows 2000 includes operating system specific data in the Kerberos V5 [2] authorization data field that is used for access control. This data is used to create an NT access token. The access token is used by the system to enforce access checking when attempting to access objects. This document describes the structure of the Windows 2000 specific authorization data that is carried in that field for use by servers in performing access control.


John Brezak

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)