Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with ...

A good understanding of Kerberos and the Windows Time Service is critical to be able to diagnose authentication issues. While this article did not have the space to do an exhaustive description ...

Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in ...

Child domains have a two-way trust with their parent domains, so they will trust each other's Kerberos authentication (they accept each others ride tickets in a way).

Microsoft has announced it is taking steps to eventually disable NTLM (NT LAN Manager) for authentication features in Windows 11 and add new features to Kerberos to take its place.

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released ...

The KDC-spoofing flaw tracked as CVE-2021-23008 can be used to bypass Kerberos security and sign into the Big-IP Access Policy Manager or admin console.

Microsoft has issued out-of-band (OOB) updates to address authentication failures on domain controllers that run all currently supported editions of Windows Server. According to the security ...