Share via


Authorization Security Components

After a principal or device is authenticated, the process of authorization establishes the access rights on the system.

The following tables show some of the authentication security features and the Windows XP Embedded components that must be added to support them.

Access Control Lists (ACL)

ACLs are lists of privileges for users and groups on the system.

Required components Key binary
Local Security Authority Subsystem (LSASS) Lsass.exe, Lsasrv.dll
Primitive: NTdll Ntdll.dll
Primitive: AuthZ Authz.dll

GPO, Restrictions (Software, Computer)

Group Policy Object uses group policies to define policy settings that are applied to computers or users.

Required components Key binary
Group Policy Client Core Gptext.dll
Primitive: Profmap Profmap

Local & Roaming Profiles

Local and roaming profiles allow a user to access the same authorization settings across multiple systems.

Required components Key binary
Local Profile Core

Roaming Profile

Userenv.dll

Auditing

Auditing logs and monitors events on a system.

Required components Key binary
Local Security Authority Subsystem (LSASS) Lsass.exe, Lsasrv.dll
Primitive: Ntdll Ntdll.dll
Auditing Resource DLLs Msaudite.dll
Event Log Eventlog.dll

See Also

Add Security Features to a Run-Time Image | Authentication Security Components

Last updated on Wednesday, October 18, 2006

© 2006 Microsoft Corporation. All rights reserved.