7 Appendix B: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.

  • Windows 7 operating system

  • Windows Server 2008 R2 operating system

  • Windows 8 operating system

  • Windows Server 2012 operating system

  • Windows 8.1 operating system

  • Windows Server 2012 R2 operating system

  • Windows 10 operating system

  • Windows Server 2016 operating system

  • Windows Server operating system

  • Windows Server 2019 operating system

Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.

<1> Section 1.5: By default, the Kerberos protocol and NTLM are available in Windows. The interface for authentication protocols in Windows is open and extensible; other protocols might be installed by third parties.

<2> Section 2.2: Parallel to GSS API, Microsoft developed the Windows Negotiation Extension. For information on writing NegoEx Security Support Packages (SSPs), see [MSDOCS-NegoExSSP]. For information on Creating Microsoft Win32 Custom Security Support Packages, see [MSDOCS-CustomSSPs]. For information on the GSS matching Win32 API functions, which are found in the NT Security Package header ntsecpkg.h, see [MSDOCS-NTSECPKG-H].

<3> Section 2.2: The GSS function is GSS_init_sec_context. The Win32 API SSP function is SpInitLsaModeContextFn. For more information, see [MSDOCS-NTSECPKG-H].

<4> Section 2.2: The GSS function is GSS_accept_sec_context. The Win32 API SSP function is SpAcceptLsaModeContextFn. For more information, see [MSDOCS-NTSECPKG-H].

<5> Section 3.1.5.8: Parallel to GSS API, Microsoft developed the Windows Negotiation Extension. For information on writing NegoEx SSPs, see [MSDOCS-NegoExSSP]. For information on creating Win32 Custom Security Packages, see [MSDOCS-CustomSSPs]. For information on the GSS matching Win32 API functions, which are found in the NT Security Package header ntsecpkg.h, see [MSDOCS-NTSECPKG-H].

<6> Section 3.1.5.8.1: The Win32 API SSP function is either SpQueryMetaData or SpQueryMetaDataFn in the NT Security Package header ntsecpkg.h. For more information, see [MSDOCS-NTSECPKG-H].

<7> Section 3.1.5.8.2: The Win32 API SSP function is either SpExchangeMetaData or SpExchangeMetaDataFn in the NT Security Package header ntsecpkg.h. For more information, see [MSDOCS-NTSECPKG-H].

<8> Section 3.1.5.8.3: The Win32 API SSP functions are SpGetInfoFn and SpGetExtendedInformationFn in the NT Security Package header ntsecpkg.h. For more information, see [MSDOCS-NTSECPKG-H].

<9> Section 3.1.5.8.4: The Win32 API SSP functions are either SpQueryContextAttributes or SpQueryContextAttributesFn in the NT Security Package header ntsecpkg.h. For more information, see [MSDOCS-NTSECPKG-H].