:::MENU:::

Kerberos client support for claims compound authentication and Kerberos armoring

This policy setting controls whether a device will request claims and compound authentication for Dynamic Access Control and Kerberos armoring using Kerberos authentication with domains that support these features. If you enable this policy setting the client computers will request claims provide information required to create compounded authentication and armor Kerberos messages in domains which support claims and compound authentication for Dynamic Access Control and Kerberos armoring. If you disable or do not configure this policy setting the client devices will not request claims provide information required to create compounded authentication and armor Kerberos messages. Services hosted on the device will not be able to retrieve claims for clients using Kerberos protocol transition.


Additional Information

  1. Registry path is:

    HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> CurrentVersion -> Policies -> System -> Kerberos -> Parameters # EnableCbacAndArmor

  2. The Administrative Template path is:

    System -> Kerberos

Notes

* Making mistakes while changing registry values can affect your system adversely. We recommend you to create a System Restore point before making registry manipulation. If you're new to Registry Editor, read this beginner's guide.
** To locate the registry and administrative template path, checkout beginner's guide.
You're here :
Checkout Kapil Sparks™