Kerberos protocol
Summary
The role can be used to determine the value of the KrbtgtFullPacSignature registry key for Domain Controllers. This registry key is used to gate the deployment of the Kerberos changes. The Serial Number column of the role will contain the value of the registry key.
The role can also be used to create an audit data view if needed.
Settings
| Detection String | Comparator | Result | Applicable OS |
|---|---|---|---|
{%-HKLM/System/currentcontrolset/services/kdc:KrbtgtFullPacSignature-%} | Exists | Windows |