2.1.1.1 Abstract Components

The following block diagram illustrates abstract components that are involved in the interactive domain logon authentication process. The abstract components on the domain-joined client computer are the Local Security Authority (LSA), the client implementation of the authentication protocols, and the components on the Authentication Authority (AA): for example, a domain controller consists of a server implementation of authentication protocols, a PKI, and an account database. The Windows user logon interface calls the LSA method to securely transfer the user credentials to the Authentication Authority through a specified authentication protocol. The Authentication Authority verifies the user credentials against the account database.

Figure 3: Abstract view of interactive domain logon authentication