Does anyone know of any good resources for information about how NT security actually works? It can be either a book or on the web somewhere.
The only things I’ve been able to find deal with how to implement NT security, but I want to know how it actually works. For example:
- What, exactly, is in the token the user gets when he logs on?
- What is the LSA actually doing when I try to access a file? How does it determine what access I have?
Low-level stuff. Like I said, most of what I’ve found so far has been “best practices” type of info, which doesn’t really help me.