User Profile
geakin
Joined Mar 25, 2019
User Widgets
Recent Discussions
Re: A sample deployment of Authentication Policies and Authentication Policy Silos in Active Directory!
Here's what's missing, and it changes the entire premise of the conclusion- sorry TomWechsler; We also need to enable the Kerberos client support for claims, compound authentication, and Kerberos armoring on clients. The policy setting is under Computer Configuration > Administrative Templates > System > Kerberos - "Kerberos client support for claims, compound authentication, and Kerberos armoring" When this is applied and the client host is rebooted, the Auth Policy / Policy Silo setup works as expected; the specified user logs into host successfully, while any other user will receive the "protected by an authentication firewall" message- even if that user has group/explicit permissions to the local Remote Desktop Users group. (credit to thesleepyadmins.com for pointing that out!)1.4KViews0likes0Comments
Recent Blog Articles
No content to show