How to comprehend "security principal"?

  • Thread starter: Leo Zhang
A "Security Principal" is an entity, represented by an object in the
directory, that has the ability to access directory resources such as data
on drives, printers, objects in the directory itself, etc. Security
Principals are either assigned rights or inherit them.

In Active Directory, there are three recognized Security Principals: Users,
Computers, and Groups. In other directories, you might find that
Organizational Units are Security Principals as well (the subject of intense
debate at times).

-ds
 
Additionally, security principals are referenced by the OS using a SID that
is assigned to the principal.
The SID is a globally unique number that includes the domain SID and a
unique RID (relative identifier).

When a principal authenticates to the domain (only users and computers can
authenticate), it receives a "token", which is a data structure that
contains, among other things, the SIDs of all the groups of which the
principal is a member.
The principal presents this token to any resource it wishes to access.
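
The "domain SID plus RID" structure described above, shown as an added example that is not part of the original posts: it decodes a SID from the binary layout Windows stores (for instance in the objectSid attribute) into its S-1-5-21-... string form and splits off the RID. The function names and the sample SID values are assumptions constructed for illustration.

```python
import struct

def parse_binary_sid(blob: bytes) -> str:
    """Decode a binary SID into its string form (S-<rev>-<authority>-<sub>...)."""
    if len(blob) < 8:
        raise ValueError("SID shorter than its fixed 8-byte header")
    revision, count = blob[0], blob[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if count > 15:
        raise ValueError("a SID holds at most 15 sub-authorities")
    if len(blob) != 8 + 4 * count:
        raise ValueError("length does not match the sub-authority count")
    # Identifier authority: 48-bit big-endian. Sub-authorities: 32-bit little-endian.
    authority = int.from_bytes(blob[2:8], "big")
    subs = struct.unpack(f"<{count}I", blob[8:])
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def split_domain_and_rid(sid: str) -> tuple[str, int]:
    """Split a domain-issued account SID (S-1-5-21-a-b-c-RID) into (domain SID, RID)."""
    parts = sid.split("-")
    if len(parts) != 8 or parts[:4] != ["S", "1", "5", "21"]:
        raise ValueError("not a domain-issued account SID")
    # Everything except the last field identifies the domain; the last field is the RID.
    return "-".join(parts[:-1]), int(parts[-1])

# Constructed sample: revision 1, 5 sub-authorities, authority 5 (NT Authority),
# then 21, three made-up domain values, and a made-up RID of 1105.
SAMPLE_SID = (
    bytes([1, 5])
    + (5).to_bytes(6, "big")
    + struct.pack("<5I", 21, 1111111111, 2222222222, 3333333333, 1105)
)

if __name__ == "__main__":
    text = parse_binary_sid(SAMPLE_SID)
    domain_sid, rid = split_domain_and_rid(text)
    print("SID:       ", text)
    print("Domain SID:", domain_sid)
    print("RID:       ", rid)
```

Two principals in the same domain share the domain SID and differ only in the RID, which is why the length and count checks matter before trusting either part.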
 