Do you have the ability to try adding those policies to a server or workstation that you can see/control? Then you can see if it has the same effect.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jack Kramer Sent: Wednesday, March 16, 2016 12:20 PM To: [email protected] Subject: Re: [NTSysADM] Group Policy setting to disable passthrough credentials? Tried credential manager (Bonnie's suggestion) and the below settings for credential delegation and no dice. Must be applying to the domain controllers-unless anyone has any other ideas? There are two policies applying to the DCs that are restricted past my ability to see, so no idea what might be hiding in the shadows there. > On Mar 16, 2016, at 11:27 AM, Joseph L. Casale <[email protected]> > wrote: > > https://blogs.msdn.microsoft.com/rds/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections/ > > Maybe that's what you're after. > jlc > > ________________________________________ > From: [email protected] <[email protected]> on > behalf of Jack Kramer <[email protected]> > Sent: March 16, 2016 4:31 AM > To: [email protected] > Subject: [NTSysADM] Group Policy setting to disable passthrough credentials? > > Okay-this one has me officially stumped. I'm trying to find out which Group > Policy option(s) disables the ability to pass through your current > credentials when you do things like RDP to a server, etc. Whatever setting > does this is definitely turned on in an environment I've been working in, but > I can't locate which policy or setting is actually causing the effect. > Passthrough still works for intranet sites and for applications like the > VMware vSphere console, so it can't be the NTLM policies-right? Anyone have > any ideas, and would it be applied to just domain controllers or would it > apply to member computers? >
