!!! Overview
[{$pagename}] is a [Security Support Provider] as used in the [Microsoft Active Directory] [Security Support Provider Interface]


[{$pagename}] (Kerberos.dll) is the preferred choice for [authentication] in Windows Server. 

[{$pagename}] requires the [client] [application] [MUST] provide one of the following:
* [ServicePrincipalName] ([SPN])
* [UserPrincipalName] ([UPN])
* [NetBIOS] account name
 as the target name. __Otherwise, [{$pagename}] always__ selects the [NTLM SSP] security provider.


The [Microsoft] [Kerberos] [Security Support Provider] uses the [Kerberos V5|Kerberos] [authentication] protocol. ([RFC 1510]).

Because [{$pagename}] is the default [authentication] protocol for [Windows Server 2003]+, all domain services support the [{$pagename}], which includes:
* [Microsoft Active Directory] queries using the [Lightweight Directory Access Protocol] ([LDAP]).
* [Remote Desktop Protocol] server or workstation management using [RPC] calls.
* Print services.
* Client-server [authentication].
* Remote file access using [Common Internet File System]/[Server Message Block] ([CIFS]/[SMB]).
* Distributed file system management and referrals.
* [Intranet] [authentication] to [Internet Information Services] ([IIS]) and [Windows Integrated Authentication]
* Security authority authentication for [Internet Protocol Security] ([IPsec]).
* [Certificate] requests to Certificate Services for domain users and computers.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Microsoft Kerberos|https://docs.microsoft.com/en-us/windows/win32/secauthn/microsoft-kerberos|target='_blank'] - based on information obtained 2020-01-21