Active Directory Computer Delegation tab

The general tab

When a computer is trusted for delegation it means that any services running on the local system can request services from other servers on behalf of the user.

Active Directory computer delegation tab

    • Do not trust this computer for delegation – specifies that no delegation is allowed on any of the computer’s services
    • Trust this computer for delegation to any service(Kerberos only)- specifies that delegation of services on this computer is allowed only with Kerberos authentication
    • Trust this computer for delegation to specified services only – specifies that only certain services are allowed to be delegated depending on the type of authentication protocol chosen
    • The tab also displays a list of services to which the account can present credentials
    • Expanded – lists all SPNs (service principal) names that are associated with the service that you chose for delegation
  • The add and remove buttons can be used to add or remove Services from the list respectively

Comments

comments

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)