Kerberos delegation, constrained and unconstrained, is a complex topic, and one that often comes up when the security implications of external/forest trusts are discussed. A few days ago, light was shed on a similar topic on ActiveDir. In brief, Brian Arkills sums it up below: The other security implication that most folks seem oblivious to is the [...]
Yes, KMS client activation is supported in a multi-domain environment in which the KMS host belongs to one domain and needs to cater to the clients in the others. For this to work, you need to create a ‘multi-string value’ registry key under “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform” called “DNSDomainPublishList” on your KMS server. When done, restart the “Software [...]