I did some search on this already but still don't understand it. Can someone explain their differences as simple as possible? It seems like they do pretty much the same thing....
Asked
Active
Viewed 3.8k times
2 Answers
3
Kerberos specifies that authentication come from a known machine with a timestamp that matches the authentication server (domain controller). The computer password is how AD ensures that the machine is known. It's not available to the user.
This answer might help.
Katherine Villyard
- 18,618
0
One is for the user, the other for the computer that is joined to the domain.
Computers also need accounts for certain operations - among other things being allowed to even interact with active directory, or loading their group policies (which are not tied to a user in their storage). So, when you join a computer to a domain, it is getting its own account to do so (and automatically manages its password).
Try finding a book on Active Directory to give you a good introduction to the basics.
Don Kirkby
- 1,744
TomTom
- 52,109
- 7
- 59
- 142