Export (0) Print
Expand All

7 Appendix A: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs:

  • Windows NT operating system

  • Windows 2000 operating system

  • Windows XP operating system

  • Windows Server 2003 operating system

  • Windows Server 2003 R2 operating system

  • Windows Vista operating system

  • Windows Server 2008 operating system

  • Windows 7 operating system

  • Windows Server 2008 R2 operating system

  • Windows 8 operating system

  • Windows Server 2012 operating system

  • Windows 8.1 operating system

  • Windows Server 2012 R2 operating system

Exceptions, if any, are noted below. If a service pack or Quick Fix Engineering (QFE) number appears with the product version, behavior changed in that service pack or QFE. The new behavior also applies to subsequent service packs of the product unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms SHOULD or SHOULD NOT implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term MAY implies that the product does not follow the prescription.

<1> Section 2.2: Supported in Windows NT, Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

<2> Section 2.2.1: Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 domains do not allow the use of a period or multiple periods at the end of a user logon name. The use of a period (.) at the end of a user logon name, as long as the user logon name does not consist solely of period characters, is allowed in the following domains: Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, and Windows NT 4.0.

<3> Section 2.2.2: Domain join is supported in Windows NT, Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

<4> Section 2.2.2: Active Directory is supported in Windows 2000, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

<5> Section 2.4: Supported in Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

<6> Section 2.5.2: The list of applicable servers follows: Windows 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

<7> Section 2.5.2: Active Directory domain controllers (DCs) that do not accept changes are a feature supported on Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. Windows 2000 servers and Windows Server 2003 servers cannot be configured this way. Windows NT 4.0 domains have one DC that accepts changes, and all other DCs are read-only.

<8> Section 2.5.3: That is, Netlogon also creates a general purpose channel for authentication. It is not specific to any protocol and is available only to components involved in authentication.

<9> Section 2.5.5.2: Windows 98, Windows 2000, Windows 2000 Server, Windows Millennium Edition, Windows XP, Windows XP SP1, Windows XP SP2, Windows XP SP3, Windows Vista (RTM version inclusive), Windows Server 2003, Windows Server 2003 with SP1, Windows Server 2003 SP2, Windows Server 2003 with SP3, Windows Server 2003 R2, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 use algorithms that are compliant with the FIPS 140-2 standard. Windows Vista SP1, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 use a new algorithm which is compliant with the NIST SP 800-90 standard. The random number generation in all versions of Windows prior to Windows Vista SP1 is consistent with FIPS 186-2 Change Notice 1.

<10> Section 2.5.5.2: Windows uses the cryptographic PRNG from the Cryptographic API (CAPI) and the Cryptographic API Next Generation (CNG) for generation of Version 4 GUIDs.

<11> Section 2.5.5.2: For reasons of increased privacy protection for our customers, Microsoft systems beginning with Windows 2000 prefer to generate version 4 GUIDs in which the 122 bits of nonformat information are random. Although only a small minority of version 4 GUIDs require cryptographic randomness, the random bits for all version 4 GUIDs built in Windows are obtained via the Windows CryptGenRandom cryptographic API or the equivalent, the same source that is used for generation of cryptographic keys. This source is FIPS 140-certified in various versions of Windows, as documented at [MSFIP140CryptCerts]

<12> Section 3.2.2: [RFC1510] (the original Kerberos RFC) was made obsolete and was replaced by [RFC4120].

<13> Section 5.3: In the following Windows products, the only supported impersonation levels were identify and impersonate: Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 98.

Delegate-level impersonation is supported in the following Windows products: Windows 2000, Windows Millennium Edition, Windows XP, Windows XP SP1, Windows XP SP2, Windows XP SP3, Windows Server 2003, Windows Server 2003 with SP1, Windows Server 2003 SP2, Windows Server 2003 with SP3, Windows Server 2003 R2, Windows Vista, Windows Vista SP1, Windows Vista SP2, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

<14> Section 5.3: This level is supported beginning with Windows 2000.

 
Show:
© 2015 Microsoft