NTLM authentication failed because the account was a member of the Protected User group.

Anahaym

Hi everyone,

We have two domains (A and B); each has its own forest and two domain controllers. There is a trust between the domains. Each admin has two Domain Admins accounts in each domain (like A\Admin and B\Admin).

Domain A has a PAW, where the admins log on with A\Admin and manage both domains (A\Admin was delegated some rights in domain B). But sometimes the admins have to connect (via RDP) to some server in domain B using the B\Admin account. If an admin connects from his own computer (Windows 10), it fails because of NTLM authentication, which is not allowed for members of the Protected Users group. Then the admins connect from the PAW and it works. In the logs I see another type of authentication: Kerberos!

Question: how to enable Kerberos authentication on Windows 10 to be able to connect to a server in another domain using credentials of this domain?

Thank you in advance!
