{1421B66F-3379-4CE3-9B1B-2DC0B825EE14} azureblog.pl Kerberos client support for claims true 2020-06-01T17:48:10 2020-06-01T17:48:25 2020-06-01T17:49:39.6372189Z O:DAG:DAD:PAI(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-657827913-1895599540-1755036276-519)(A;CI;LCRPLORC;;;ED)(A;CI;LCRPLORC;;;AU)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;SY)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;CO)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) S-1-5-21-657827913-1895599540-1755036276-512 AZUREBLOG\Domain Admins S-1-5-21-657827913-1895599540-1755036276-512 AZUREBLOG\Domain Admins true false S-1-5-9 NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS Allow false true false true false Read 0 S-1-5-18 NT AUTHORITY\SYSTEM Allow false true false true false Edit, delete, modify security 0 S-1-5-21-657827913-1895599540-1755036276-512 AZUREBLOG\Domain Admins Allow false true false true false Edit, delete, modify security 0 S-1-5-11 NT AUTHORITY\Authenticated Users Allow false true false true false Apply Group Policy 0 S-1-5-21-657827913-1895599540-1755036276-519 AZUREBLOG\Enterprise Admins Allow false true false true false Edit, delete, modify security 0 false true 1 1 true Kerberos client support for claims, compound authentication and Kerberos armoring Enabled This policy setting controls whether a device will request claims and compound authentication for Dynamic Access Control and Kerberos armoring using Kerberos authentication with domains that support these features. If you enable this policy setting, the client computers will request claims, provide information required to create compounded authentication and armor Kerberos messages in domains which support claims and compound authentication for Dynamic Access Control and Kerberos armoring. If you disable or do not configure this policy setting, the client devices will not request claims, provide information required to create compounded authentication and armor Kerberos messages. Services hosted on the device will not be able to retrieve claims for clients using Kerberos protocol transition. At least Windows Server 2012, Windows 8 or Windows RT System/Kerberos false Registry 0 0 true azureblog azureblog.pl true false