Authentication Services Catalog Items and Sysgen Variables (Compact 2013)
3/28/2014
In Windows Embedded Compact, you can implement authentication services so that all applications and components can use the same authentication mechanism to authenticate the user when connected to a network. Authentication services include security services for user authentication, credential management, and message protection through the Security Support Provider Interface (SSPI).
For more information, see Authentication Services Reference.
For more information about how to add or remove catalog items, see Create Your First OS.
Hardware and Software Requirements
- Passport Authentication requires SYSGEN_WININET_TWEENER.
Catalog Items and Sysgen Variables
The following table describes the catalog items and associated SYSGEN variables you can use to add support for authentication services to your OS.
Catalog item |
SYSGEN variable |
Description |
Dependencies |
|---|---|---|---|
Authentication Services (SSPI) |
SYSGEN_AUTH |
Provides a programming interface for user authentication, credential management, and message protection. Available authentication providers include NTLM, Kerberos, and Secure Sockets Layer (SSL). Each provider contains different authentication and cryptographic schemes. |
None |
Kerberos |
SYSGEN_AUTH_KERBEROS |
Supports mutual authentication between the device and the remote computer during the authentication process. Kerberos is considered to have more security features than Windows Challenge/Response (NTLM). Also supports Credential Manager. |
Requires SYSGEN_CRYPTO. For more information see Cryptography Catalog Items and Sysgen Variables. |
NTLM |
SYSGEN_AUTH_NTLM |
Provides an older authentication protocol that can be used instead of Kerberos. Also provides Credential Manager. |
Requires SYSGEN_CRYPTO. For more information see Cryptography Catalog Items and Sysgen Variables. |
Schannel (SSL/TLS) |
SYSGEN_AUTH_SCHANNEL |
Provides a security support provider that uses SSL2, SSL3, and Transport Layer Security (TLS/SSL 3.1) public key-based protocols. |
Requires SYSGEN_CERTS (CryptoAPI 2.0) for certificate management. Requires SYSGEN_AUTH and SYSGEN_CRYPTO. For more information, see Cryptography Catalog Items and Sysgen Variables. Schannel is exposed through Winsock and Wininet and not through SSPI. |