Negotiate SSP


Negotiate SSP is a Security Support Provider as used in the Microsoft Active Directory Security Support Provider Interface

Negotiate SSP acts as an application layer between the Security Support Provider Interface and the other Security Support Provider.

Negotiate SSP selects between Kerberos and NTLM. By default, Negotiate SSP selects the Kerberos SSP unless Kerberos cannot be used by one of the systems involved in the authentication, or the calling application did not provide sufficient information to use the Kerberos SSP.

When an application calls in to the Security Support Provider Interface to log on to a network, the application either can specify an Security Support Provider (SSP) to process the request. If the application specifies Negotiate SSP then the request is analyzed the best Security Support Provider to handle the request based on customer-configured security policy.

Negotiate SSP implements RFC 2478, Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) and therefore is also a (at least pseudo) SASL Mechanisms

More Information#

There might be more information for this subject on one of the following: