2. Description
Windows Server 2003 was the follow-up to Windows 2000 Server, incorporating compatibility and other features from Windows XP. Unlike Windows 2000 Server, Windows Server 2003's default installation has none of the server components enabled, to reduce the attack surface of new machines. Windows Server 2003 includes compatibility modes to allow older applications to run with greater stability. It was made more compatible with Windows NT 4.0 domain-based networking. Incorporating and upgrading a Windows NT 4.0 domain to Windows 2000 was considered difficult and time-consuming, and generally was considered an all-or-nothing upgrade, particularly when dealing with Active Directory. Windows Server 2003 brought in enhanced Active Directory compatibility, and better deployment support, to ease the transition from Windows NT 4.0 to Windows Server 2003 and Windows XP Professional.
3. Networked NT machines can be:
  Primary Domain controller
    Centralizes user database/authentication
  Backup Domain controller
  Domain member
  Non-domain member
  Trusted domains
  Trusting resources
Security viewpoint
  Four main components:
    Executive (kernel mode)
    Protected Servers (user mode)
    Network Subsystem (both kernel and user modes)
    Administrator tools (user mode)
4. Handle tables
Each process has a table of “object handles” which enable the process to access resources
  Maintained by the object manager
  Each handle describes the type of access the process has to the object (read, write, etc.)
  The object manager ensures that access is only granted if compatible with the handle
When a process requests a new resource for the first time, the Object Manager asks the Security Reference Monitor to decide if the process may acquire the handle.
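The flow on this slide, as an added toy model in C (not Windows source and not from the original slides): the Security Reference Monitor is consulted once, when the handle is created, and later uses are checked only against the access mask stored in the handle. All names (om_open, om_use, srm_access_check, the ACC_ flags) and the sample object are hypothetical.

```c
/* Toy model of the handle-table flow; every name here is hypothetical. */
#include <stdio.h>

#define ACC_READ    0x1u
#define ACC_WRITE   0x2u
#define MAX_HANDLES 8

/* allowed[user] is a simplified per-user permission mask on the object. */
typedef struct { const char *name; unsigned allowed[2]; } Object;
typedef struct { Object *obj; unsigned granted; } Handle;
typedef struct { int user; Handle table[MAX_HANDLES]; int srm_calls; } Process;

/* Security Reference Monitor: consulted only when a handle is requested. */
static int srm_access_check(Process *p, const Object *o, unsigned desired) {
    p->srm_calls++;
    return (o->allowed[p->user] & desired) == desired;
}

/* Object manager: returns a handle index, or -1 if denied or table full. */
int om_open(Process *p, Object *o, unsigned desired) {
    if (!srm_access_check(p, o, desired)) return -1;
    for (int h = 0; h < MAX_HANDLES; h++)
        if (p->table[h].obj == NULL) {
            p->table[h].obj = o;
            p->table[h].granted = desired;  /* access type recorded in handle */
            return h;
        }
    return -1;
}

/* Object manager: each use is checked against the handle's mask only. */
int om_use(Process *p, int h, unsigned op) {
    if (h < 0 || h >= MAX_HANDLES || p->table[h].obj == NULL) return 0;
    return (p->table[h].granted & op) == op;
}

int main(void) {
    /* Constructed sample: user 0 may read and write, user 1 may only read. */
    Object file = { "report.txt", { ACC_READ | ACC_WRITE, ACC_READ } };
    Process p = { .user = 1 };
    int h = om_open(&p, &file, ACC_READ);
    printf("open read: %d, open write: %d\n", h, om_open(&p, &file, ACC_WRITE));
    printf("read via handle: %d, write via handle: %d\n",
           om_use(&p, h, ACC_READ), om_use(&p, h, ACC_WRITE));
    file.allowed[1] = 0;  /* permissions tightened after the handle was opened */
    printf("read after change: %d (SRM calls: %d)\n",
           om_use(&p, h, ACC_READ), p.srm_calls);
    return 0;
}
```

In this model a handle opened before the permission change keeps working, so tightening permissions on an object does not by itself cut off processes that already hold a handle to it.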
5. Security-related servers
Winlogon
Session Manager
Local Security Authority
Security Accounts Manager (SAM)
Service Controller
Event Logger
Local Security Authority Subsystem Service (LSASS)
  Invoked at login time, it verifies the user authentication and grants the system access token (SAT), which is used to start the initial shell and is inherited by all programs spawned during this login session
  Performs audit functions