If you want users to be able to access content based on their network logon credentials, you can enable the WMS Negotiate Authentication plug-in. This plug-in uses an encrypted challenge/response scheme to authenticate users. It is a secure form of authentication because the user name and password are not sent across the network; the player acknowledges the password by using a cryptographic exchange with the Windows Media server. The WMS Negotiate Authentication plug-in relies upon established user logon credentials that are authenticated using either NTLM or Kerberos authentication.
By using this plug-in, you can authenticate users on a variety of operating systems. NTLM authentication was the default authentication in Microsoft Windows NT Server 4.0. It is retained in Windows Server 2003 for compatibility with computers that are running Windows NT 4.0 and earlier. It can also be used to authenticate users that log on to stand-alone computers that are running Windows 2000 Server or later. Kerberos authentication is the default authentication method used in the Microsoft Windows 2000 Server and Microsoft Windows XP operating systems.
This form of authentication is appropriate for an intranet site that needs to support a variety of Windows clients as well as provide protection for confidential content.