Windows 10: Kerberos settings not found











up vote
1
down vote

favorite












In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.



I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....



enter image description here



What do I have to activate or enable to see the Kerberos Policies?










share|improve this question









New contributor




Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
























    up vote
    1
    down vote

    favorite












    In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
    In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.



    I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....



    enter image description here



    What do I have to activate or enable to see the Kerberos Policies?










    share|improve this question









    New contributor




    Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
      In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.



      I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....



      enter image description here



      What do I have to activate or enable to see the Kerberos Policies?










      share|improve this question









      New contributor




      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
      In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions should be Enabled.



      I've searched for this settings in Windows Server 2016, Windows 10 Education, Windows 10 Enterprise, and Windows 10 Pro and it was nowhere visible ....



      enter image description here



      What do I have to activate or enable to see the Kerberos Policies?







      windows-10 windows-server-2016






      share|improve this question









      New contributor




      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited Nov 22 at 12:12





















      New contributor




      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked Nov 22 at 9:23









      Patrick Stoeckle

      82




      82




      New contributor




      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Patrick Stoeckle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote



          accepted










          You are not seeing this policy on Windows 10, since it applies
          on a Windows Server which is also a domain controller.



          STIG Viewer
          says about it:




          This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.




          Microsoft documentation is conflicting on this, but one possible interpretation
          is that the effect of this setting is to make the DC check the AD user's
          account policies such as logon hours and workstation restrictions.



          I don't really know if this policy applies on a stand-alone computer,
          and the fact that it is not to be found on Windows 10 may indicate
          that indeed it does not apply at all.






          share|improve this answer





















            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.










             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377519%2fwindows-10-kerberos-settings-not-found%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote



            accepted










            You are not seeing this policy on Windows 10, since it applies
            on a Windows Server which is also a domain controller.



            STIG Viewer
            says about it:




            This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.




            Microsoft documentation is conflicting on this, but one possible interpretation
            is that the effect of this setting is to make the DC check the AD user's
            account policies such as logon hours and workstation restrictions.



            I don't really know if this policy applies on a stand-alone computer,
            and the fact that it is not to be found on Windows 10 may indicate
            that indeed it does not apply at all.






            share|improve this answer

























              up vote
              0
              down vote



              accepted










              You are not seeing this policy on Windows 10, since it applies
              on a Windows Server which is also a domain controller.



              STIG Viewer
              says about it:




              This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.




              Microsoft documentation is conflicting on this, but one possible interpretation
              is that the effect of this setting is to make the DC check the AD user's
              account policies such as logon hours and workstation restrictions.



              I don't really know if this policy applies on a stand-alone computer,
              and the fact that it is not to be found on Windows 10 may indicate
              that indeed it does not apply at all.






              share|improve this answer























                up vote
                0
                down vote



                accepted







                up vote
                0
                down vote



                accepted






                You are not seeing this policy on Windows 10, since it applies
                on a Windows Server which is also a domain controller.



                STIG Viewer
                says about it:




                This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.




                Microsoft documentation is conflicting on this, but one possible interpretation
                is that the effect of this setting is to make the DC check the AD user's
                account policies such as logon hours and workstation restrictions.



                I don't really know if this policy applies on a stand-alone computer,
                and the fact that it is not to be found on Windows 10 may indicate
                that indeed it does not apply at all.






                share|improve this answer












                You are not seeing this policy on Windows 10, since it applies
                on a Windows Server which is also a domain controller.



                STIG Viewer
                says about it:




                This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.




                Microsoft documentation is conflicting on this, but one possible interpretation
                is that the effect of this setting is to make the DC check the AD user's
                account policies such as logon hours and workstation restrictions.



                I don't really know if this policy applies on a stand-alone computer,
                and the fact that it is not to be found on Windows 10 may indicate
                that indeed it does not apply at all.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 22 at 10:50









                harrymc

                248k10257549




                248k10257549






















                    Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.










                     

                    draft saved


                    draft discarded


















                    Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.













                    Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.












                    Patrick Stoeckle is a new contributor. Be nice, and check out our Code of Conduct.















                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377519%2fwindows-10-kerberos-settings-not-found%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

                    Alcedinidae

                    Origin of the phrase “under your belt”?