kfw-4.1: ms2mit in virtual setups?
Greg Hudson
ghudson at mit.edu
Sat Sep 18 00:50:33 EDT 2021
On 9/17/21 5:14 PM, John Devitofranceschi wrote:
> I can see that “AllowTGTSessionKey” is set to ‘1’ in the virtual registry. Is that not sufficient? Any way around this?
The current documentation of AllowTgtSessionKey says: "With active
Credential Guard in Windows 10 and later versions of Windows, you cannot
enable sharing the TGT session keys with applications anymore." That's
from:
https://docs.microsoft.com/en-us/troubleshoot/windows-server/windows-security/kerberos-protocol-registry-kdc-configuration-keys
There's more on Credential Guard at:
https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard
More information about the Kerberos
mailing list