Understanding Kerberos Delegation in Windows Server Active Directory

Delegation is used when a server or service account needs to impersonate another user. For example, front-end webservers impersonate users when accessing backend databases, providing seamless access to data users are allowed to view or edit. Active Directory (AD) provides delegation for scenarios like this. Unconstrained Delegation is Risky Microsoft added unconstrained delegation to Active … Read more