Definition of logon in The Network Encyclopedia.

What is Logon?

The process by which a user’s credentials are verified by a network security authority so that the user can be granted access to the machine. Logons can be one of two types:

  • Interactive logons:
    Occur when users sit at the console of the computer they want to access and enter their credentials in the logon dialog box.


  • Remote logons:
    Occur when a user has already logged on interactively to a machine but wants to establish a network connection with a remote computer. For example, if the user tries to map a drive letter to a shared folder on the remote computer, a remote logon must take place during the process so that the remote computer can be sure that the user has the right to perform the action.


When a user attempts an interactive logon to a machine, the user’s credentials are verified by a security authority, which can be one of the following:

  • The local machine itself, such as a computer running Microsoft Windows NT or Windows 2000 that is configured as part of a workgroup. In the workgroup security model, each machine maintains its own separate list of valid user accounts in its local security database. When a user performs an interactive logon to a stand-alone machine running Windows NT or Windows 2000 that is not part of a domain, the machine itself validates the user’s credentials.
  • A designated machine or group of machines on the network. For example, in a Windows NT–based network that is based on the domain security model, special machines called domain controllers store and maintain the list of valid user accounts for all users on the network in the domain directory database or Security Account Manager (SAM) database. These domain controllers are used for validating attempts by users logging on to computers in the domain. When the user attempts to log on interactively to the local machine that is part of a domain, the local machine forwards the user’s credentials to a domain controller on the network by using a mechanism called pass-through authentication, and the domain controller authenticates the user’s credentials and informs the user’s local machine that it should allow the user access to the network.

In a Windows 2000–based network that uses the domain security model, the directory database is the database component of Active Directory. A successful logon to a machine running Windows NT or Windows 2000 results in an access token being granted to the user, which enables the user to access shared resources on the network for which he or she has suitable permissions.