Request compound authentication

This policy setting allows you to configure a domain controller to request compound authentication. Note: For a domain controller to request compound authentication the policy “KDC support for claims compound authentication and Kerberos armoring” must be configured and enabled. If you enable this policy setting domain controllers will request compound authentication. The returned service ticket will contain compound authentication only when the account is explicitly configured. This policy should be applied to all domain controllers to ensure consistent application of this policy in the domain. If you disable or do not configure this policy setting domain controllers will return service tickets that contain compound authentication any time the client sends a compound authentication request regardless of the account configuration.

Additional Information

  1. Registry path is:

    HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> CurrentVersion -> Policies -> System -> KDC -> Parameters # RequestCompoundId

  2. The Administrative Template path is:

    System -> KDC


* Making mistakes while changing registry values can affect your system adversely. We recommend you to create a System Restore point before making registry manipulation. If you're new to Registry Editor, read this beginner's guide.
** To locate the registry and administrative template path, checkout beginner's guide.
You're here :
Checkout Kapil Sparks™