Partager via


Computer Properties - Delegation tab

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Item Details

Do not trust this computer for delegation

Specifies that no delegation of any services is allowed on this computer.

Trust this computer for delegation to any service (Kerberos only)

Specifies that the delegation of services on this computer is allowed only with the Kerberos protocol.

Note
The Kerberos version 5 (V5) authentication protocol is the primary security protocol for authentication in a domain. It verifies the identity of the user and the system.

Trust this computer for delegation to specified services only

Specifies that only certain selected services are allowed to be delegated on this computer. If the Use Kerberos only option is selected, delegation is allowed only with the Kerberos protocol. If Use any authentication protocol option is selected, delegation is allowed with any available authentication protocol.

Expanded check box

When option is selected, it lists all service principle names (SPN) that are associated with the service that is selected for delegation.

Add

Click to select services to which delegated credentials can be presented.

Remove

Click to remove services from the list of services to which delegated credentials can be presented.

Additional references