Windows 10: Kerberos settings not found
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions
should be Enabled
.
I've searched for this settings in Windows Server 2016
, Windows 10 Education
, Windows 10 Enterprise
, and Windows 10 Pro
and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies
?
windows-10 windows-server-2016
add a comment |
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions
should be Enabled
.
I've searched for this settings in Windows Server 2016
, Windows 10 Education
, Windows 10 Enterprise
, and Windows 10 Pro
and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies
?
windows-10 windows-server-2016
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions
should be Enabled
.
I've searched for this settings in Windows Server 2016
, Windows 10 Education
, Windows 10 Enterprise
, and Windows 10 Pro
and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies
?
windows-10 windows-server-2016
In our company, we want to configure our Windows-based infrastructure compliant to the IASE SCAP specifications, e.g., the Microsoft Windows Server 2016 STIG Benchmark.
In this document, there is the rule that Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Account Policies >> Kerberos Policy >> Enforce user logon restrictions
should be Enabled
.
I've searched for this settings in Windows Server 2016
, Windows 10 Education
, Windows 10 Enterprise
, and Windows 10 Pro
and it was nowhere visible ....
enter image description here
What do I have to activate or enable to see the Kerberos Policies
?
windows-10 windows-server-2016
windows-10 windows-server-2016
edited Nov 22 at 12:12
asked Nov 22 at 9:23
Patrick Stoeckle
82
82
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
add a comment |
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
add a comment |
up vote
0
down vote
accepted
up vote
0
down vote
accepted
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
You are not seeing this policy on Windows 10, since it applies
on a Windows Server which is also a domain controller.
STIG Viewer
says about it:
This policy setting determines whether the Kerberos Key Distribution Center (KDC) validates every request for a session ticket against the user rights policy of the target computer. The policy is enabled by default which is the most secure setting for validating access to target resources is not circumvented.
Microsoft documentation is conflicting on this, but one possible interpretation
is that the effect of this setting is to make the DC check the AD user's
account policies such as logon hours and workstation restrictions.
I don't really know if this policy applies on a stand-alone computer,
and the fact that it is not to be found on Windows 10 may indicate
that indeed it does not apply at all.
answered Nov 22 at 10:50
harrymc
249k10257550
249k10257550
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377519%2fwindows-10-kerberos-settings-not-found%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown