Partager via


Authentication Services Catalog Items and Sysgen Variables (Compact 2013)

3/28/2014

In Windows Embedded Compact, you can implement authentication services so that all applications and components can use the same authentication mechanism to authenticate the user when connected to a network. Authentication services include security services for user authentication, credential management, and message protection through the Security Support Provider Interface (SSPI).

For more information, see Authentication Services Reference.

For more information about how to add or remove catalog items, see Create Your First OS.

Hardware and Software Requirements

  • Passport Authentication requires SYSGEN_WININET_TWEENER.

Catalog Items and Sysgen Variables

The following table describes the catalog items and associated SYSGEN variables you can use to add support for authentication services to your OS.

Catalog item

SYSGEN variable

Description

Dependencies

Authentication Services (SSPI)

SYSGEN_AUTH

Provides a programming interface for user authentication, credential management, and message protection. Available authentication providers include NTLM, Kerberos, and Secure Sockets Layer (SSL). Each provider contains different authentication and cryptographic schemes.

None

Kerberos

SYSGEN_AUTH_KERBEROS

Supports mutual authentication between the device and the remote computer during the authentication process. Kerberos is considered to have more security features than Windows Challenge/Response (NTLM).

Also supports Credential Manager.

Requires SYSGEN_CRYPTO. For more information see Cryptography Catalog Items and Sysgen Variables.

NTLM

SYSGEN_AUTH_NTLM

Provides an older authentication protocol that can be used instead of Kerberos.

Also provides Credential Manager.

Requires SYSGEN_CRYPTO. For more information see Cryptography Catalog Items and Sysgen Variables.

Schannel (SSL/TLS)

SYSGEN_AUTH_SCHANNEL

Provides a security support provider that uses SSL2, SSL3, and Transport Layer Security (TLS/SSL 3.1) public key-based protocols.

Requires SYSGEN_CERTS (CryptoAPI 2.0) for certificate management. Requires SYSGEN_AUTH and SYSGEN_CRYPTO. For more information, see Cryptography Catalog Items and Sysgen Variables.

Schannel is exposed through Winsock and Wininet and not through SSPI.

See Also

Other Resources

Authentication Services