Authentication

User ID Authentication in Windows NT is based on a user id and a password. The password is encrypted. A user can be an individual or a group, and roles and aliases are also supported.

The table of users, passwords, and public keys is stored with the Registry on each host, and as such must be set up on every machine. Each table holds host-specific information the users allowed to access that host. This is likely to change in the future with the introduction of the Active Directory, a service I describe in the next chapter, as the Active Directory is to hold security data and will be a central store for information, replicated around the network.

When a client calls a method or creates an instance of a component, DCOM obtains the client's username and checks to see if the username is valid and the password correct. Only if the username is authentic is the name passed to the machine or process where the component is actually running. DCOM on the component's machine then checks the authorization.

Microsoft Certificate Server Microsoft Certificate Server is a service used for the management of Digital Certificates (which...