Kerberos
16 Group Policy settings under Kerberos. Browse the sub-folders and settings below.
Settings
- Allow retrieving the Azure AD Kerberos Ticket Granting Ticket during logon
- Always send compound authentication first
- Configure hash algorithms for certificate logon
- Define host name-to-Kerberos realm mappings
- Define interoperable Kerberos V5 realm settings
- Disable revocation checking for the SSL certificate of KDC proxy servers
- Enable Delegated Managed Service Account logons
- Fail authentication requests when Kerberos armoring is not available
- Kerberos client support for claims, compound authentication and Kerberos armoring
- Require strict KDC validation
- Require strict target SPN match on remote procedure calls
- Set maximum Kerberos SSPI context token buffer size
- Specify KDC proxy servers for Kerberos clients
- Support compound authentication
- Support device authentication using certificate
- Use forest search order