Secure channel

Hello,

I hear about secure channel everywhere, but found no detailed documentation
about it.

What it is
What ports does it use
What services do use the secure channel (only for NTLM????)
What encryption does it use
When it is established
When it is closed
Is it sometimes nonencrypted?
Does AD synchronization use secure channel?

Thanks Ondra.

Hi Ondrej,

"Ondrej Sevecek" <(E-Mail Removed)> wrote in message
> Hello,
>
> I hear about secure channel everywhere, but found no detailed
documentation
> about it.
>
> What it is

The secure channel is a discreat communication between
a domain member and a domain controller protected by
a hidden machine account password negotiated by the
domain member and the domain controller.

> What ports does it use

NT Secure Channel UDP:137,138 TCP:139

> What services do use the secure channel (only for NTLM????)

Netlogon

> What encryption does it use

I believe it's SSL but I could be wrong on thisone.

> When it is established

When the machine joins the domain.

> When it is closed


> Is it sometimes nonencrypted?

Yes downlevel clients NT and Win 9x
do not support secure channel encryption.

> Does AD synchronization use secure channel?

I believe it uses Kerberos.