Active Directory (AD) is a directory service developed by Microsoft, used in Windows networks to centrally manage users, computers, and permissions.
What is Active Directory?
AD is a centralized database containing information about every user and computer in the network. The main server running it is called a Domain Controller (DC).
```
Forest
└── Domain (cyberah.local)
    ├── Users
    ├── Computers
    ├── Groups
    └── OUs (Organizational Units)
```
How Does Kerberos Work?
Kerberos is the primary authentication protocol in Active Directory, based on a ticket system.
Authentication Flow
- The user requests a ticket from the KDC (Key Distribution Center)
- The KDC verifies identity and issues a TGT (Ticket Granting Ticket)
- The user uses the TGT to request service tickets
```bash
# View current tickets
klist

# Request a ticket
kinit user@DOMAIN.LOCAL
```
What is the Ticket System?
Kerberos uses two main ticket types:
| Type | Name | Description |
|---|---|---|
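| TGT | Ticket Granting Ticket | Master authentication ticket, issued by the KDC and presented back to it when requesting service tickets |
| TGS | Ticket Granting Service | Service-specific access ticket, issued in exchange for a TGT |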
Note: The TGT is encrypted with the krbtgt account's key, which only the KDC holds, so the client that carries the ticket cannot read its contents directly.
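The authentication flow and the note about the krbtgt key can be seen together in a small simulation, added here as an example and not taken from the original page or from any Kerberos implementation. It models the three steps with a toy cipher from the Python standard library in place of the real Kerberos encryption types, and omits timestamps and authenticators. The names `KDC`, `seal`, `unseal`, `run_flow`, the user `alice` and the service `cifs/fileserver` are constructed for illustration.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Toy authenticated encryption; a stand-in for the real Kerberos enctypes."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class KDC:
    def __init__(self, user_keys, service_keys):
        self.krbtgt_key = os.urandom(32)  # held only by the KDC
        self.user_keys, self.service_keys = user_keys, service_keys

    def issue_tgt(self, user):
        """Steps 1-2: TGT sealed under krbtgt, session key sealed under the user's key."""
        session_key = os.urandom(32).hex()
        tgt = seal(self.krbtgt_key, {"user": user, "session_key": session_key})
        return tgt, seal(self.user_keys[user], {"session_key": session_key})

    def issue_service_ticket(self, tgt, service):
        """Step 3: the KDC opens the TGT and seals a ticket under the service's key."""
        claims = unseal(self.krbtgt_key, tgt)
        return seal(self.service_keys[service], {"user": claims["user"], "service": service})

def run_flow():
    user_key, svc_key = os.urandom(32), os.urandom(32)  # constructed sample keys
    kdc = KDC({"alice": user_key}, {"cifs/fileserver": svc_key})
    tgt, client_part = kdc.issue_tgt("alice")
    unseal(user_key, client_part)  # the client can read its own session key
    try:
        unseal(user_key, tgt)  # but the TGT is opaque to it
        client_reads_tgt = True
    except ValueError:
        client_reads_tgt = False
    ticket = kdc.issue_service_ticket(tgt, "cifs/fileserver")
    return client_reads_tgt, unseal(svc_key, ticket), kdc, tgt

if __name__ == "__main__":
    print(run_flow()[:2])
```

The same integrity check that stops the client from reading the TGT also makes the KDC reject a TGT whose bytes were altered in transit.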