ActiveDirSec.Org

The world's most trusted forum on Active Directory Security


ActiveDirSec.Org -> Access Control in Active Directory -> Exactly what does Validated write to Service Principal Name control?
Post Info TOPIC: Exactly what does Validated write to Service Principal Name control?
Geoffrey


Member

Status: Offline
Posts: 7
Date: Jun 1, 2011
Exactly what does Validated write to Service Principal Name control?
 
 

Hi again. One other question I had was in regards to the Validated write to Service Principal Name. We have noticed that this write is granted on quite a few computer account objects in our Active Directory and have been trying to get a good understanding of this right?

Does it have to do with Kerberos authentication in Active Directory, or does it have to do with NTLM authentication, or both? I would like to know what it controls, and how it does so?

It would also be nice to know what the difference is between an extended right and a validated write, as they both seem to have similar names, while being different obviously.



__________________

Wherever you go and whatever you do, may the luck of the Irish be there with you.
Page 1 of 1  sorted by
Quick Reply

Please log in to post quick replies.
ActiveDirSec.Org -> Access Control in Active Directory -> Exactly what does Validated write to Service Principal Name control?
Post to Facebook Post to Digg Post to Del.icio.us
Members Login
Username 
 
Password 
    Remember Me