Authorization Security Components
After a principal or device is authenticated, the process of authorization establishes the access rights on the system.
The following tables show some of the authentication security features and the Windows XP Embedded components that must be added to support them.
Access Control Lists (ACL)
ACLs are lists of privileges for users and groups on the system.
| Required components | Key binary |
|---|---|
| Local Security Authority Subsystem (LSASS) | Lsass.exe, Lsasrv.dll |
| Primitive: NTdll | Ntdll.dll |
| Primitive: AuthZ | Authz.dll |
GPO, Restrictions (Software, Computer)
Group Policy Object uses group policies to define policy settings that are applied to computers or users.
| Required components | Key binary |
|---|---|
| Group Policy Client Core | Gptext.dll |
| Primitive: Profmap | Profmap |
Local & Roaming Profiles
Local and roaming profiles allow a user to access the same authorization settings across multiple systems.
| Required components | Key binary |
|---|---|
| Local Profile Core
Roaming Profile |
Userenv.dll |
Auditing
Auditing logs and monitors events on a system.
| Required components | Key binary |
|---|---|
| Local Security Authority Subsystem (LSASS) | Lsass.exe, Lsasrv.dll |
| Primitive: Ntdll | Ntdll.dll |
| Auditing Resource DLLs | Msaudite.dll |
| Event Log | Eventlog.dll |
See Also
Add Security Features to a Run-Time Image | Authentication Security Components
Last updated on Wednesday, October 18, 2006
© 2006 Microsoft Corporation. All rights reserved.