J
John Ashman1
Guest
We are attempting verify an Active Directory machine account, using Kerberos S4U with a Certificate.The client sends the public part of a provisioned certificate to a remote server. The server then attempts to locate the machine account using Kerberos S4U with the public certificate.All this works as expected.However, in addition to performing the MS-RCMP to get the account, it was expected that the domain controller would also verify the basic certificate properties, such as expiration, and revocation. However, this seems not to be the case.Can you confirm if this is the case, and if not, is
Continue reading...
Continue reading...