Client/Server Access Control
A server application provides services to clients. For example, a server could perform the following services on behalf of a client:
- Save and retrieve information from a private database
- Access network resources
- Start processes in the client's security context on the server's computer
A protected server controls access to its services. Windows provides security support that enables a server to do the following:
- Impersonate a client's security context, which causes the system to perform most access and privilege checks against the client's access token rather than the server's
- Log a client on to the server's computer
- Connect to network resources using the client's security context
- Create security descriptors to protect private objects
- Determine whether a security descriptor allows access to a client
- Determine whether a set of privileges are enabled in a client's token
- Generate audit messages in the security event log to record attempts by a client to access objects or use privileges
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for