Windows 10: Kerberos settings not found
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.
I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies?
windows-10 windows-server-2016
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.
I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies?
windows-10 windows-server-2016
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.
I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies?
windows-10 windows-server-2016
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.
I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies?
windows-10 windows-server-2016
windows-10 windows-server-2016
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Nov 22 at 12:12
asked Nov 22 at 9:23
Patrick Stoeckle
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Nov 22 at 9:23
Patrick Stoeckle
82
asked Nov 22 at 9:23
Patrick Stoeckle
82
82
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
248k10257549
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
248k10257549
add a comment |
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
248k10257549
add a comment |
up vote
0
down vote
accepted
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
248k10257549
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
248k10257549
answered Nov 22 at 10:50
harrymc
248k10257549
answered Nov 22 at 10:50
harrymc
248k10257549
answered Nov 22 at 10:50
harrymc
248k10257549
248k10257549
add a comment |
add a comment |
Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.
Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.
Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.
Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377519%2fwindows-10-kerberos-settings-not-found%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
