deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 12:53:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Add images for Microsoft Entra hybrid join authentication

Browse Source
This commit is contained in:
Paolo Matarazzo
2024-01-09 12:58:54 -05:00
parent 660cfba352
commit 1b5b991e26
3 changed files with 888 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/identity-protection/hello-for-business/how-it-works-authentication.md
View File

@ -64,6 +64,8 @@ Microsoft Entra joined devices authenticate to Microsoft Entra ID during sign-in
![Microsoft Entra hybrid join authentication using Microsoft Entra Kerberos](images/howitworks/auth-haadj-cloudtrust.png)
![Microsoft Entra hybrid join authentication using Microsoft Entra Kerberos](images/howitworks/auth-haadj-cloudtrust.svg)
| Phase | Description |
| :----: | :----------- |
|A | Authentication begins when the user dismisses the lock screen, which triggers Winlogon to show the Windows Hello for Business credential provider. The user provides their Windows Hello gesture (PIN or biometrics). The credential provider packages these credentials and returns them to Winlogon. Winlogon passes the collected credentials to lsass. Lsass queries Windows Hello for Business policy to check if cloud Kerberos trust is enabled. If cloud Kerberos trust is enabled, Lsass passes the collected credentials to the Cloud Authentication security support provider, or Cloud AP. Cloud AP requests a nonce from Microsoft Entra ID. Microsoft Entra ID returns a nonce.

18
windows/security/identity-protection/hello-for-business/how-it-works.md
View File

@ -7,7 +7,9 @@ ms.topic: concept-article
# How Windows Hello for Business works
Windows Hello for Business is a distributed system that requires multiple technologies to work together. To simplify the explanation of how Windows Hello for Business works, let's break it down into five phases. Two of these phases are required only for certain deployment scenarios.
Windows Hello for Business is a distributed system that requires multiple technologies to work together. To simplify the explanation of how Windows Hello for Business works, let's break it down into five phases, which represent the chronological order of the deployment process.
Two of these phases are required only for certain deployment scenarios.
> [!NOTE]
> The deployment scenarios are described in the article: [Plan a Windows Hello for Business deployment](deploy/index.md).
@ -38,11 +40,6 @@ Windows Hello for Business is a distributed system that requires multiple techno
:::column-end:::
:::column span="3":::
During this phase, the user authenticates using one form of authentication (typically, username/password) to request a new Windows Hello for Business credential. The provisioning flow requires a second factor of authentication before it can create a strong, two-factor Windows Hello for Business credential.
After multi-factor authentication (MFA), the provisioning process:
1. **Generates a key pair** bound to the Trusted Platform Module (TPM), if available, or in software. The private key is stored locally and protected by the TPM, and can't be exported
1. **Registers the public key** with the IdP, mapped to the user account
:::column-end:::
:::row-end:::
:::row:::
@ -120,6 +117,11 @@ Windows Hello provisioning is triggered once device registration completes, and
1. The user *enrolls* in Windows Hello by authenticating to the IdP with MFA
1. After successful MFA, the user must provide a bio gesture (if available) and PIN, which trigger the creation of the Windows Hello container. A public/private key pair is generated and the public key is registered with the IdP.
After multi-factor authentication (MFA), the provisioning process:
1. **Generates a key pair** bound to the Trusted Platform Module (TPM), if available, or in software. The private key is stored locally and protected by the TPM, and can't be exported
1. **Registers the public key** with the IdP, mapped to the user account
### Key registration
The IdP validates the user identity and maps the Windows Hello public key to a user account during the registration step.
@ -158,13 +160,13 @@ The biometric data used to support Windows Hello is stored on the local device o
>
>Some fingerprint sensors have the capability to complete matching on the fingerprint sensor module instead of in the OS. These sensors store biometric data on the fingerprint module instead of in the database file.
## Key synchronization (optional)
## Key synchronization
Key synchronization is required in hybrid environments. After the user provisions a Windows Hello for Business credential, the key must sync from Microsoft Entra ID to Active Directory.
The user's public key is written to the `msDS-KeyCredentialLink` attribute of the user object. The synchronization is handled by Microsoft Entra Connect Sync.
## Certificate enrollment (optional)
## Certificate enrollment
For certificate deployments, after registering the key, the client generates a cetificate request. The request is sent to the Certificate Registration Authority (CRA). The CRA is on the Active Directory Federation Services (AD FS) server, which validates the certificate request and fulfills it using the enterprise PKI.

876
windows/security/identity-protection/hello-for-business/images/howitworks/auth-haadj-cloudtrust.svg Normal file
View File

@ -0,0 +1,876 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<!-- Generated by Microsoft Visio, SVG Export WHFB-Provisioning-Flows.svg HAADJ-Auth-KeyTrust (2) -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ev="http://www.w3.org/2001/xml-events"
xmlns:v="http://schemas.microsoft.com/visio/2003/SVGExtensions/" width="11in" height="8.5in" viewBox="0 0 792 612"
xml:space="preserve" color-interpolation-filters="sRGB" class="st17">
<v:documentProperties v:langID="1033" v:viewMarkup="false">
<v:userDefs>
<v:ud v:nameU="visFlowchartType" v:prompt="" v:val="VT4(CrossFunctional)"/>
<v:ud v:nameU="msvNoAutoConnect" v:val="VT0(0):26"/>
<v:ud v:nameU="visV14CFF" v:prompt="" v:val="VT0(1):26"/>
</v:userDefs>
</v:documentProperties>
<style type="text/css">
<![CDATA[
.st1 {fill:#ffffff;stroke:#e9eff7;stroke-width:0.75}
.st2 {stroke:#5b9bd5;stroke-dasharray:7,5;stroke-linecap:round;stroke-linejoin:round;stroke-width:1}
.st3 {fill:#5b9bd5;font-family:Calibri;font-size:1.00001em;font-weight:bold}
.st4 {font-size:1em}
.st5 {marker-end:url(#mrkr4-102);stroke:#5b9bd5;stroke-linecap:round;stroke-linejoin:round;stroke-width:1}
.st6 {fill:#5b9bd5;fill-opacity:1;stroke:#5b9bd5;stroke-opacity:1;stroke-width:0.23584905660377}
.st7 {fill:#ffffff;stroke:none;stroke-linecap:butt;stroke-width:7.2}
.st8 {fill:#4f87bb;font-family:Calibri;font-size:0.833336em}
.st9 {marker-end:url(#mrkr3-110);stroke:#5b9bd5;stroke-dasharray:7,5;stroke-linecap:round;stroke-linejoin:round;stroke-width:1}
.st10 {marker-end:url(#mrkr4-139);stroke:#ed7d31;stroke-linecap:round;stroke-linejoin:round;stroke-width:1}
.st11 {fill:#ed7d31;fill-opacity:1;stroke:#ed7d31;stroke-opacity:1;stroke-width:0.23584905660377}
.st12 {fill:#d06d29;font-family:Calibri;font-size:0.833336em}
.st13 {marker-end:url(#mrkr3-154);stroke:#ed7d31;stroke-dasharray:7,5;stroke-linecap:round;stroke-linejoin:round;stroke-width:1}
.st14 {fill:#ffffff;stroke:none;stroke-linecap:butt}
.st15 {fill:#002060;stroke:none;stroke-width:0.75}
.st16 {fill:#ffffff;font-family:Calibri;font-size:1.16666em;font-weight:bold}
.st17 {fill:none;fill-rule:evenodd;font-size:12px;overflow:visible;stroke-linecap:square;stroke-miterlimit:3}
]]>
</style>
<defs id="Markers">
<g id="lend4">
<path d="M 2 1 L 0 0 L 2 -1 L 2 1 " style="stroke:none"/>
</g>
<marker id="mrkr4-102" class="st6" v:arrowType="4" v:arrowSize="3" v:setback="8.48" refX="-8.48" orient="auto"
markerUnits="strokeWidth" overflow="visible">
<use xlink:href="#lend4" transform="scale(-4.24,-4.24) "/>
</marker>
<g id="lend3">
<path d="M 2 1 L 0 0 L 2 -1 " style="stroke-linecap:round;stroke-linejoin:round;fill:none"/>
</g>
<marker id="mrkr3-110" class="st6" v:arrowType="3" v:arrowSize="3" orient="auto" markerUnits="strokeWidth"
overflow="visible">
<use xlink:href="#lend3" transform="scale(-4.24,-4.24) "/>
</marker>
<marker id="mrkr4-139" class="st11" v:arrowType="4" v:arrowSize="3" v:setback="8.48" refX="-8.48" orient="auto"
markerUnits="strokeWidth" overflow="visible">
<use xlink:href="#lend4" transform="scale(-4.24,-4.24) "/>
</marker>
<marker id="mrkr3-154" class="st11" v:arrowType="3" v:arrowSize="3" orient="auto" markerUnits="strokeWidth"
overflow="visible">
<use xlink:href="#lend3" transform="scale(-4.24,-4.24) "/>
</marker>
</defs>
<g v:mID="52" v:index="18" v:groupContext="foregroundPage">
<v:userDefs>
<v:ud v:nameU="msvThemeOrder" v:val="VT0(0):26"/>
</v:userDefs>
<title>HAADJ-Auth-CloudTrust</title>
<v:pageProperties v:drawingScale="1" v:pageScale="1" v:drawingUnits="0" v:shadowOffsetX="9" v:shadowOffsetY="-9"/>
<v:layer v:name="Connector" v:index="0"/>
<v:layer v:name="Flowchart" v:index="1"/>
<g id="group1005-1" transform="translate(677.212,-555.056)" v:mID="1005" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1005</title>
<desc>Domain Controller</desc>
<g id="shape1006-2" v:mID="1006" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1006</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1007-4" v:mID="1007" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1007</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1008-6" v:mID="1008" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1008</title>
</g>
<g id="shape1009-8" v:mID="1009" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1009</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1005-11" v:mID="1005" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="20.96" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Domain <tspan
x="15.34" dy="1.2em" class="st4">Controller</tspan></text> </g>
</g>
<g id="group1015-15" transform="translate(19.1441,-555.056)" v:mID="1015" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1015</title>
<desc>Winlogon</desc>
<g id="shape1016-16" v:mID="1016" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1016</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1017-18" v:mID="1017" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1017</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1018-20" v:mID="1018" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1018</title>
</g>
<g id="shape1019-22" v:mID="1019" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1019</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1015-25" v:mID="1015" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="16.38" y="596.7" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Winlogon</text> </g>
</g>
<g id="group1020-28" transform="translate(567.534,-555.056)" v:mID="1020" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1020</title>
<desc>Microsoft Entra ID</desc>
<g id="shape1021-29" v:mID="1021" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1021</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1022-31" v:mID="1022" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1022</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1023-33" v:mID="1023" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1023</title>
</g>
<g id="shape1024-35" v:mID="1024" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1024</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1020-38" v:mID="1020" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="16.32" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Microsoft <tspan
x="20.44" dy="1.2em" class="st4">Entra ID</tspan></text> </g>
</g>
<g id="group1025-42" transform="translate(128.822,-555.056)" v:mID="1025" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1025</title>
<desc>LSA</desc>
<g id="shape1026-43" v:mID="1026" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1026</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1027-45" v:mID="1027" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1027</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1028-47" v:mID="1028" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1028</title>
</g>
<g id="shape1029-49" v:mID="1029" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1029</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1025-52" v:mID="1025" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="31.49" y="596.7" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>LSA</text> </g>
</g>
<g id="group1030-55" transform="translate(238.5,-555.056)" v:mID="1030" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1030</title>
<desc>Credential Provider</desc>
<g id="shape1031-56" v:mID="1031" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1031</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1032-58" v:mID="1032" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1032</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1033-60" v:mID="1033" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1033</title>
</g>
<g id="shape1034-62" v:mID="1034" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1034</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1030-65" v:mID="1030" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="14.72" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Credential<v:lf/><tspan
x="19.26" dy="1.2em" class="st4">Provider</tspan></text> </g>
</g>
<g id="group1035-69" transform="translate(457.856,-555.056)" v:mID="1035" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1035</title>
<desc>Cloud Auth provider</desc>
<g id="shape1036-70" v:mID="1036" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1036</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1037-72" v:mID="1037" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1037</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1038-74" v:mID="1038" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1038</title>
</g>
<g id="shape1039-76" v:mID="1039" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1039</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1035-79" v:mID="1035" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="12.67" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Cloud Auth<v:lf/><tspan
x="19.24" dy="1.2em" class="st4">provider</tspan></text> </g>
</g>
<g id="group1040-83" transform="translate(348.178,-555.056)" v:mID="1040" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1040</title>
<desc>Kerberos provider</desc>
<g id="shape1041-84" v:mID="1041" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1041</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1042-86" v:mID="1042" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1042</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1043-88" v:mID="1043" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1043</title>
</g>
<g id="shape1044-90" v:mID="1044" v:groupContext="shape" transform="translate(652.5,612) rotate(90)">
<title>Sheet.1044</title>
<path d="M0 612 L537.06 612" class="st2"/>
</g>
<g id="shape1040-93" v:mID="1040" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="18.07" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Kerberos<v:lf/><tspan
x="19.24" dy="1.2em" class="st4">provider</tspan></text> </g>
</g>
<g id="shape1045-97" v:mID="1045" v:groupContext="shape" v:layerMember="0" transform="translate(270,-537.056)">
<title>Self Message.1020</title>
<desc>User provides gesture</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="76.5" cy="622.556" width="99.21" height="20.0036"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st5"/>
<rect v:rectContext="textBkgnd" x="32.0321" y="616.556" width="88.936" height="12.0001" class="st7"/>
<text x="32.03" y="625.56" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>User provides gesture</text> </g>
<g id="shape1047-105" v:mID="1047" v:groupContext="shape" v:layerMember="0" transform="translate(279,-510.056)">
<title>Return Message.1028</title>
<desc>Collected Credentials</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-74.5613" cy="602.306" width="96.43" height="20.0036"/>
<path d="M0 603 L-219.36 603" class="st9"/>
<rect v:rectContext="textBkgnd" x="-117.64" y="596.306" width="86.1584" height="12.0001" class="st7"/>
<text x="-117.64" y="605.31" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Collected Credentials</text> </g>
<g id="shape1048-113" v:mID="1048" v:groupContext="shape" v:layerMember="0" transform="translate(59.6441,-492.056)">
<title>Message.1029</title>
<desc>Collected Credentials</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="54.839" cy="603" width="96.43" height="20.0036"/>
<path d="M0 603 L101.2 603" class="st5"/>
<rect v:rectContext="textBkgnd" x="11.7599" y="597" width="86.1584" height="12.0001" class="st7"/>
<text x="11.76" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Collected Credentials</text> </g>
<g id="shape1049-120" v:mID="1049" v:groupContext="shape" v:layerMember="0" transform="translate(59.6441,-528.056)">
<title>Message.1027</title>
<desc>Show the WHFB Cred Prov</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="67.6773" cy="604.556" width="117.81" height="20.0036"/>
<path d="M0 603 L210.88 603" class="st5"/>
<rect v:rectContext="textBkgnd" x="13.9052" y="598.556" width="107.544" height="12.0001" class="st7"/>
<text x="13.91" y="607.56" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Show the WHFB Cred Prov</text> </g>
<g id="shape1061-127" v:mID="1061" v:groupContext="shape" v:layerMember="0" transform="translate(388.678,-160.136)">
<title>Return Message.1061</title>
<desc>TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-109.678" cy="603" width="50" height="20.0036"/>
<path d="M0 603 L-219.36 603" class="st9"/>
<rect v:rectContext="textBkgnd" x="-117.705" y="597" width="16.0546" height="12.0001" class="st7"/>
<text x="-117.71" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>TGT</text> </g>
<g id="shape1062-134" v:mID="1062" v:groupContext="shape" v:layerMember="0" transform="translate(169.322,-492.056)">
<title>Message.1062</title>
<desc>Collected Credentials</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="164.517" cy="603" width="96.43" height="20.0036"/>
<path d="M0 603 L320.55 603" class="st10"/>
<rect v:rectContext="textBkgnd" x="121.438" y="597" width="86.1584" height="12.0001" class="st7"/>
<text x="121.44" y="606" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Collected Credentials</text> </g>
<g id="shape1063-142" v:mID="1063" v:groupContext="shape" v:layerMember="0" transform="translate(498.356,-492.776)">
<title>Message.1030</title>
<desc>Request Nonce</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="54.839" cy="603" width="71.87" height="20.0036"/>
<path d="M0 603 L101.2 603" class="st10"/>
<rect v:rectContext="textBkgnd" x="24.0404" y="597" width="61.5973" height="12.0001" class="st7"/>
<text x="24.04" y="606" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Request Nonce</text> </g>
<g id="shape1064-149" v:mID="1064" v:groupContext="shape" v:layerMember="0" transform="translate(608.034,-474.776)">
<title>Return Message.1033</title>
<desc>Nonce</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-54.839" cy="603" width="50" height="20.0036"/>
<path d="M0 603 L-109.68 603" class="st13"/>
<rect v:rectContext="textBkgnd" x="-67.9323" y="597" width="26.1867" height="12.0001" class="st7"/>
<text x="-67.93" y="606" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Nonce</text> </g>
<g id="shape1065-157" v:mID="1065" v:groupContext="shape" v:layerMember="0" transform="translate(608.034,-372.536)">
<title>Return Message.1034</title>
<desc>PRT w/Session key and Partial TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-48.5325" cy="602.032" width="87.79" height="32.0037"/>
<path d="M0 603 L-109.68 603" class="st13"/>
<rect v:rectContext="textBkgnd" x="-86.1646" y="590.033" width="75.264" height="23.9999" class="st7"/>
<text x="-86.16" y="599.03" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>PRT w/Session key <v:newlineChar/><v:paragraph
v:horizAlign="1"/><tspan x="-79.56" dy="1.2em" class="st4">and Partial TGT</tspan></text> </g>
<g id="shape1066-165" v:mID="1066" v:groupContext="shape" v:layerMember="0" transform="translate(489.355,-468.655)">
<title>Self Message.1066</title>
<desc>Sign nonce WHFB privkey</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="59.6442" cy="622.556" width="67.29" height="32.0037"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st10"/>
<rect v:rectContext="textBkgnd" x="31.1334" y="610.556" width="57.0218" height="24.0002" class="st7"/>
<text x="37.6" y="619.56" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Sign nonce <v:lf/><tspan
x="31.13" dy="1.2em" class="st4">WHFB privkey</tspan></text> </g>
<g id="shape1067-173" v:mID="1067" v:groupContext="shape" v:layerMember="0" transform="translate(498.356,-426.536)">
<title>Message.1037</title>
<desc>Signed Nonce</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="54.839" cy="603" width="65.8" height="20.0036"/>
<path d="M0 603 L101.2 603" class="st10"/>
<rect v:rectContext="textBkgnd" x="27.0751" y="597" width="55.5279" height="12.0001" class="st7"/>
<text x="27.08" y="606" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Signed Nonce</text> </g>
<g id="shape1068-180" v:mID="1068" v:groupContext="shape" v:layerMember="0" transform="translate(599.034,-435.536)">
<title>Self Message.1038</title>
<desc>Validate signature WHFB pubkey</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="66.9662" cy="622.556" width="83.98" height="32.0037"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st10"/>
<rect v:rectContext="textBkgnd" x="30.1128" y="610.556" width="73.707" height="24.0002" class="st7"/>
<text x="30.11" y="619.56" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Validate signature<v:lf/><tspan
x="37.22" dy="1.2em" class="st4"> </tspan>WHFB pubkey</text> </g>
<g id="shape1069-188" v:mID="1069" v:groupContext="shape" v:layerMember="0" transform="translate(599.034,-399.536)">
<title>Self Message.1039</title>
<desc>Validate Nonce</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="62.4662" cy="620.306" width="72.14" height="20.0036"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st10"/>
<rect v:rectContext="textBkgnd" x="31.5309" y="614.306" width="61.8709" height="12.0001" class="st7"/>
<text x="31.53" y="623.31" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Validate Nonce</text> </g>
<g id="shape1070-195" v:mID="1070" v:groupContext="shape" v:layerMember="0" transform="translate(489.356,-354.896)">
<title>Self Message.1040</title>
<desc>Decrypt Session key w/ Transport key</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="73.1441" cy="622.556" width="93.29" height="32.0037"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st10"/>
<rect v:rectContext="textBkgnd" x="32.7654" y="610.556" width="80.7575" height="24.0002" class="st7"/>
<text x="32.77" y="619.56" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Decrypt Session key <v:lf/><tspan
x="38.52" dy="1.2em" class="st4">w/ Transport key</tspan></text> </g>
<g id="shape1071-203" v:mID="1071" v:groupContext="shape" v:layerMember="0" transform="translate(489.356,-318.896)">
<title>Self Message.1041</title>
<desc>Import Session Key to TPM</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="73.1441" cy="622.556" width="87.57" height="32.0037"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st10"/>
<rect v:rectContext="textBkgnd" x="34.4916" y="610.556" width="77.3053" height="24.0002" class="st7"/>
<text x="34.49" y="619.56" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Import Session Key<v:lf/><tspan
x="58.41" dy="1.2em" class="st4">to TPM</tspan></text> </g>
<g id="shape1072-211" v:mID="1072" v:groupContext="shape" v:layerMember="0" transform="translate(498.359,-291.24)">
<title>Return Message.1035</title>
<desc>Partial TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-164.517" cy="603" width="54.76" height="20.0036"/>
<path d="M0 603 L-329.03 603" class="st13"/>
<rect v:rectContext="textBkgnd" x="-186.761" y="597" width="44.4875" height="12.0001" class="st7"/>
<text x="-186.76" y="606" class="st12" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Partial TGT</text> </g>
<g id="shape1074-218" v:mID="1074" v:groupContext="shape" v:layerMember="0" transform="translate(50.6441,-151.136)">
<title>Self Message.1043</title>
<desc>Load User Desktop</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="68.6059" cy="622.556" width="86.56" height="20.0036"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st5"/>
<rect v:rectContext="textBkgnd" x="30.4588" y="616.556" width="76.2943" height="12.0001" class="st7"/>
<text x="30.46" y="625.56" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Load User Desktop</text> </g>
<g id="shape1075-225" v:mID="1075" v:groupContext="shape" v:layerMember="0" transform="translate(169.322,-160.136)">
<title>Return Message.1075</title>
<desc>Success</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-54.839" cy="603" width="50" height="20.0036"/>
<path d="M0 603 L-109.68 603" class="st9"/>
<rect v:rectContext="textBkgnd" x="-70.391" y="597" width="31.1039" height="12.0001" class="st14"/>
<text x="-70.39" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Success</text> </g>
<g id="shape1078-232" v:mID="1078" v:groupContext="shape" v:layerMember="0" transform="translate(169.138,-271.796)">
<title>Message.1021</title>
<desc>Partial TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="65.2844" cy="602.306" width="54.76" height="20.0036"/>
<path d="M0 603 L210.88 603" class="st5"/>
<rect v:rectContext="textBkgnd" x="43.0408" y="596.306" width="44.4875" height="12.0001" class="st7"/>
<text x="43.04" y="605.31" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Partial TGT</text> </g>
<g id="shape1079-239" v:mID="1079" v:groupContext="shape" v:layerMember="0" transform="translate(379.494,-280.796)">
<title>Self Message.1036</title>
<desc>Get domain hint from computer</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="61.3221" cy="620.306" width="78.69" height="32.0037"/>
<path d="M9 612 L27 612 L27 630 L17.48 630" class="st5"/>
<rect v:rectContext="textBkgnd" x="28.2406" y="608.306" width="66.163" height="24.0002" class="st7"/>
<text x="28.24" y="617.31" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Get domain hint <v:lf/><tspan
x="30.39" dy="1.2em" class="st4">from computer</tspan></text> </g>
<g id="shape1080-247" v:mID="1080" v:groupContext="shape" v:layerMember="0" transform="translate(717.528,-217.796)">
<title>Return Message.1051</title>
<desc>return list of domain controlers</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-164.517" cy="603" width="84.92" height="32.0037"/>
<path d="M0 603 L-329.03 603" class="st9"/>
<rect v:rectContext="textBkgnd" x="-201.841" y="591" width="74.6491" height="24.0002" class="st7"/>
<text x="-189.77" y="600" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>return list of <v:lf/><tspan
x="-201.84" dy="1.2em" class="st4">domain controlers</tspan></text> </g>
<g id="shape1081-255" v:mID="1081" v:groupContext="shape" v:layerMember="0" transform="translate(388.494,-235.796)">
<title>Message.1060</title>
<desc>DcLocator via DNS</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="164.517" cy="603" width="84.58" height="20.0036"/>
<path d="M0 603 L320.55 603" class="st5"/>
<rect v:rectContext="textBkgnd" x="127.361" y="597" width="74.3118" height="12.0001" class="st7"/>
<text x="127.36" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>DcLocator via DNS</text> </g>
<g id="shape1082-262" v:mID="1082" v:groupContext="shape" v:layerMember="0" transform="translate(717.712,-159.416)">
<title>Return Message.1082</title>
<desc>TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(1):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="-164.517" cy="603" width="50" height="20.0036"/>
<path d="M0 603 L-329.03 603" class="st9"/>
<rect v:rectContext="textBkgnd" x="-172.544" y="597" width="16.0546" height="12.0001" class="st14"/>
<text x="-172.54" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>TGT</text> </g>
<g id="shape1083-269" v:mID="1083" v:groupContext="shape" v:layerMember="0" transform="translate(387.723,-181.562)">
<title>Message.1083</title>
<desc>TGS_REQ w/ Partial TGT</desc>
<v:userDefs>
<v:ud v:nameU="IsReturn" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="IsAsync" v:prompt="" v:val="VT0(0):26"/>
<v:ud v:nameU="IsSelfMessage" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="164.517" cy="603" width="108.09" height="20.0036"/>
<path d="M0 603 L320.55 603" class="st5"/>
<rect v:rectContext="textBkgnd" x="115.608" y="597" width="97.8176" height="12.0001" class="st7"/>
<text x="115.61" y="606" class="st8" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>TGS_REQ w/ Partial TGT</text> </g>
<g id="shape1084-276" v:mID="1084" v:groupContext="shape" v:layerMember="1" transform="translate(461.943,-449.161)">
<title>State</title>
<desc>B</desc>
<v:custProps>
<v:cp v:nameU="Cost" v:lbl="Cost" v:type="7" v:format="@" v:langID="1033"/>
<v:cp v:nameU="Duration" v:lbl="Duration" v:type="2" v:langID="1033"/>
<v:cp v:nameU="Resources" v:lbl="Resources" v:langID="1033"/>
</v:custProps>
<v:userDefs>
<v:ud v:nameU="visVersion" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(1,1,1,1)"/>
<v:textRect cx="9.83896" cy="602.161" width="19.68" height="19.6779"/>
<path d="M0 602.16 A9.83896 9.83896 0 0 1 19.68 602.16 A9.83896 9.83896 0 1 1 0 602.16 Z" class="st15"/>
<text x="5.92" y="606.36" class="st16" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>B</text> </g>
<g id="shape1087-279" v:mID="1087" v:groupContext="shape" v:layerMember="1" transform="translate(461.943,-336.661)">
<title>State.1087</title>
<desc>D</desc>
<v:custProps>
<v:cp v:nameU="Cost" v:lbl="Cost" v:type="7" v:format="@" v:langID="1033"/>
<v:cp v:nameU="Duration" v:lbl="Duration" v:type="2" v:langID="1033"/>
<v:cp v:nameU="Resources" v:lbl="Resources" v:langID="1033"/>
</v:custProps>
<v:userDefs>
<v:ud v:nameU="visVersion" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(1,1,1,1)"/>
<v:textRect cx="9.83896" cy="602.161" width="19.68" height="19.6779"/>
<path d="M0 602.16 A9.83896 9.83896 0 0 1 19.68 602.16 A9.83896 9.83896 0 1 1 0 602.16 Z" class="st15"/>
<text x="5.43" y="606.36" class="st16" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>D</text> </g>
<g id="shape1088-282" v:mID="1088" v:groupContext="shape" v:layerMember="1" transform="translate(579.661,-398.822)">
<title>State.1088</title>
<desc>C</desc>
<v:custProps>
<v:cp v:nameU="Cost" v:lbl="Cost" v:type="7" v:format="@" v:langID="1033"/>
<v:cp v:nameU="Duration" v:lbl="Duration" v:type="2" v:langID="1033"/>
<v:cp v:nameU="Resources" v:lbl="Resources" v:langID="1033"/>
</v:custProps>
<v:userDefs>
<v:ud v:nameU="visVersion" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(1,1,1,1)"/>
<v:textRect cx="9.83896" cy="602.161" width="19.68" height="19.6779"/>
<path d="M0 602.16 A9.83896 9.83896 0 0 1 19.68 602.16 A9.83896 9.83896 0 1 1 0 602.16 Z" class="st15"/>
<text x="6.13" y="606.36" class="st16" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>C</text> </g>
<g id="shape1089-285" v:mID="1089" v:groupContext="shape" v:layerMember="1" transform="translate(358.322,-227.822)">
<title>State.1089</title>
<desc>E</desc>
<v:custProps>
<v:cp v:nameU="Cost" v:lbl="Cost" v:type="7" v:format="@" v:langID="1033"/>
<v:cp v:nameU="Duration" v:lbl="Duration" v:type="2" v:langID="1033"/>
<v:cp v:nameU="Resources" v:lbl="Resources" v:langID="1033"/>
</v:custProps>
<v:userDefs>
<v:ud v:nameU="visVersion" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(1,1,1,1)"/>
<v:textRect cx="9.83896" cy="602.161" width="19.68" height="19.6779"/>
<path d="M0 602.16 A9.83896 9.83896 0 0 1 19.68 602.16 A9.83896 9.83896 0 1 1 0 602.16 Z" class="st15"/>
<text x="6.42" y="606.36" class="st16" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>E</text> </g>
<g id="shape1090-288" v:mID="1090" v:groupContext="shape" v:layerMember="1" transform="translate(29.8221,-508.5)">
<title>State.1090</title>
<desc>A</desc>
<v:custProps>
<v:cp v:nameU="Cost" v:lbl="Cost" v:type="7" v:format="@" v:langID="1033"/>
<v:cp v:nameU="Duration" v:lbl="Duration" v:type="2" v:langID="1033"/>
<v:cp v:nameU="Resources" v:lbl="Resources" v:langID="1033"/>
</v:custProps>
<v:userDefs>
<v:ud v:nameU="visVersion" v:val="VT0(15):26"/>
</v:userDefs>
<v:textBlock v:margins="rect(1,1,1,1)"/>
<v:textRect cx="9.83896" cy="602.161" width="19.68" height="19.6779"/>
<path d="M0 602.16 A9.83896 9.83896 0 0 1 19.68 602.16 A9.83896 9.83896 0 1 1 0 602.16 Z" class="st15"/>
<text x="5.6" y="606.36" class="st16" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>A</text> </g>
<g id="group1126-291" transform="translate(677.212,-19.1441)" v:mID="1126" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1126</title>
<desc>Domain Controller</desc>
<g id="shape1127-292" v:mID="1127" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1127</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1128-294" v:mID="1128" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1128</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1129-296" v:mID="1129" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1129</title>
</g>
<g id="shape1126-298" v:mID="1126" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="20.96" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Domain <tspan
x="15.34" dy="1.2em" class="st4">Controller</tspan></text> </g>
</g>
<g id="group1131-302" transform="translate(19.1441,-19.1441)" v:mID="1131" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1131</title>
<desc>Winlogon</desc>
<g id="shape1132-303" v:mID="1132" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1132</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1133-305" v:mID="1133" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1133</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1134-307" v:mID="1134" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1134</title>
</g>
<g id="shape1131-309" v:mID="1131" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="16.38" y="596.7" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Winlogon</text> </g>
</g>
<g id="group1136-312" transform="translate(567.534,-19.1441)" v:mID="1136" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1136</title>
<desc>Microsoft Entra ID</desc>
<g id="shape1137-313" v:mID="1137" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1137</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1138-315" v:mID="1138" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1138</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1139-317" v:mID="1139" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1139</title>
</g>
<g id="shape1136-319" v:mID="1136" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="16.32" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Microsoft <tspan
x="20.44" dy="1.2em" class="st4">Entra ID</tspan></text> </g>
</g>
<g id="group1141-323" transform="translate(128.822,-19.1441)" v:mID="1141" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1141</title>
<desc>LSA</desc>
<g id="shape1142-324" v:mID="1142" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1142</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1143-326" v:mID="1143" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1143</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1144-328" v:mID="1144" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1144</title>
</g>
<g id="shape1141-330" v:mID="1141" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="31.49" y="596.7" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>LSA</text> </g>
</g>
<g id="group1146-333" transform="translate(238.5,-19.1441)" v:mID="1146" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1146</title>
<desc>Credential Provider</desc>
<g id="shape1147-334" v:mID="1147" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1147</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1148-336" v:mID="1148" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1148</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1149-338" v:mID="1149" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1149</title>
</g>
<g id="shape1146-340" v:mID="1146" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="14.72" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Credential<v:lf/><tspan
x="19.26" dy="1.2em" class="st4">Provider</tspan></text> </g>
</g>
<g id="group1151-344" transform="translate(457.856,-19.1441)" v:mID="1151" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1151</title>
<desc>Cloud Auth provider</desc>
<g id="shape1152-345" v:mID="1152" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1152</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1153-347" v:mID="1153" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1153</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1154-349" v:mID="1154" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1154</title>
</g>
<g id="shape1151-351" v:mID="1151" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="12.67" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Cloud Auth<v:lf/><tspan
x="19.24" dy="1.2em" class="st4">provider</tspan></text> </g>
</g>
<g id="group1156-355" transform="translate(348.178,-19.1441)" v:mID="1156" v:groupContext="group">
<v:userDefs>
<v:ud v:nameU="visVersion" v:prompt="" v:val="VT0(15):26"/>
<v:ud v:nameU="ShowActor" v:prompt="" v:val="VT0(0):5"/>
<v:ud v:nameU="ShowDestruction" v:prompt="" v:val="VT0(0):5"/>
</v:userDefs>
<title>Object lifeline.1156</title>
<desc>Kerberos provider</desc>
<g id="shape1157-356" v:mID="1157" v:groupContext="shape" transform="translate(13.5,-6.3)">
<title>Sheet.1157</title>
<rect x="0" y="586.8" width="54" height="25.2" class="st1"/>
</g>
<g id="shape1158-358" v:mID="1158" v:groupContext="shape" transform="translate(31.5,-41.4)">
<title>Sheet.1158</title>
<path d="M9 612 a0 0 0 1 1 0 0 a0 0 0 1 1 0 0 Z" class="st1"/>
</g>
<g id="shape1159-360" v:mID="1159" v:groupContext="shape" transform="translate(27,559.556)">
<title>Sheet.1159</title>
</g>
<g id="shape1156-362" v:mID="1156" v:groupContext="groupContent">
<v:textBlock v:margins="rect(4,4,4,4)"/>
<v:textRect cx="40.5" cy="593.1" width="81.01" height="37.8"/>
<rect x="0" y="574.2" width="81" height="37.8" class="st1"/>
<text x="18.07" y="589.5" class="st3" v:langID="1033"><v:paragraph v:horizAlign="1"/><v:tabList/>Kerberos<v:lf/><tspan
x="19.24" dy="1.2em" class="st4">provider</tspan></text> </g>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 49 KiB