1.3 Overview

The Netlogon Remote Protocol is used for secure communication between machines in a domain (both domain members and domain controllers (DCs)) and DCs. The communication is secured by using a shared session key computed between the client and the DC that is engaged in the secure communication. The session key is computed by using a preconfigured shared secret that is known to the client and the DC.

The Netlogon Remote Protocol client and server can run only on domain-joined systems, and are started during boot. When a system is unjoined from the domain, the client and server are stopped and will not be started during boot.

The following sections describe the scenarios in which this protocol is used. They provide an overview of the general purpose of this protocol and the flow of its operations.