Mail Archives: cygwin/2000/10/17/13:06:37
The following is from Mark Russinovich's and David Solomon's book "Inside
Microsoft Windows 2000, Third Edition" (Microsoft Press). This book is
excellent and I highly recommend it.
Local security authority subsystem (Lsass) A user-mode process running
the image \Winnt\System32\Lsass.exe that is responsible for the local
system security policy (such as which users are allowed to log on to
the machine, password policies, privileges granted to users and
groups, and the system security auditing settings), user
authentication, and sending security audit messages to the Event Log.
The local security authority service (Lsasrv?
\Winnt\System32\Lsasrv.dll), a library that Lsass loads, implements
most of this functionality.
Lsass policy database A database that contains the local system
security policy settings. This database is stored in the registry
under HKLM\SECURITY. It includes such information as what domains are
entrusted to authenticate logon attempts, who has permission to access
the system and how (interactive, network, and service logons), who is
assigned which privileges, and what kind of security auditing is to be
performed. The Lsass policy database also stores "secrets" that
include logon information used for cached domain logons and Win32
service user-account logons. (See Chapter 5 for more information on
Win32 services.)
Ed
Your Windows 2000 Arborist
T/L 589-4410; Outside: 1-919-993-4410
egb AT us DOT ibm DOT com
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com
- Raw text -