Enforce user logon restrictions

This security setting determines whether the Kerberos V5 Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the user account. Validation of each request for a session ticket is optional, because the extra step takes time and it may slow network access to services.

Policy path: 

Computer Configuration\Windows Settings\Local Policies\Kerberos Policy

Comments: 

Clients receive the new setting after a maximum of 8 hours. For DCs to apply the new settings, either run Gpupdate /force or wait the usual 5 minutes for the SCE engine to apply all modified settings.

Default: 

Enabled.

Supported on: 

At least Windows XP SP2, Windows Server 2003

Registry settings: 

Kerberos Policy security settings are not registry keys.

Reboot required: 

No
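
Because Kerberos Policy settings are not registry keys, the value in effect cannot be read from the registry. The following added example (not part of the original page) exports the security policy with `secedit` and reads the `[Kerberos Policy]` section, where security templates store this setting as `TicketValidateClient`. The function name `Get-KerberosPolicy` and the temporary file name are hypothetical, and the script assumes an elevated session on a domain controller.

```powershell
# Added example: report the effective "Enforce user logon restrictions" value.
# Assumption: run elevated on a domain controller.
function Get-KerberosPolicy {
    param(
        # Hypothetical scratch file for the exported policy
        [string]$ExportPath = (Join-Path $env:TEMP 'kerbpol-export.inf')
    )

    # secedit writes the effective security policy to an INF file
    secedit /export /cfg $ExportPath /areas SECURITYPOLICY /quiet | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "secedit export failed with exit code $LASTEXITCODE"
    }

    $policy = @{}
    $inSection = $false
    foreach ($line in Get-Content -Path $ExportPath) {
        if ($line -match '^\[(.+)\]\s*$') {
            # Track whether we are inside [Kerberos Policy]
            $inSection = ($Matches[1] -eq 'Kerberos Policy')
            continue
        }
        if ($inSection -and $line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') {
            $policy[$Matches[1]] = $Matches[2]
        }
    }
    Remove-Item -Path $ExportPath -ErrorAction SilentlyContinue
    return $policy
}

$kerb = Get-KerberosPolicy
if (-not $kerb.ContainsKey('TicketValidateClient')) {
    # No Kerberos Policy values in the export
    Write-Warning 'TicketValidateClient not found in the export; check that this host is a domain controller.'
} elseif ($kerb['TicketValidateClient'] -eq '1') {
    Write-Output 'Enforce user logon restrictions: Enabled (the default)'
} else {
    Write-Warning 'Enforce user logon restrictions: Disabled'
}
```

Running it before and after Gpupdate /force on a DC shows whether a changed value has been applied.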
