An authentication package has been loaded by the Local Security Authority. This authentication package will be used to authenticate logon attempts. Authentication Package Name: %1.
Event 514 is logged once at startup
for each authentication package on the system.
An authentication package is a DLL that encapsulates
a given form of authentication, such as NTLM or Kerberos. The
Local Security Authority calls into the appropriate authentication
package during the logon process to find out if the
user is authentic.
Although a third party can develop
an authentication package, few do so. The standard
packages that come with Windows Server 2003 are as follows:
Microsoft Authentication Package V1_0
Wdigest
Microsoft Unified Security Protocol Provider
Schannel
NTLM
Kerberos
Negotiate
The security implication of event 514,
realistically, is low. Although a rogue package could cause great
harm by stealing credentials at the time of logon, the effort
required in developing and installing a rogue authentication
package is significant.
