Day: April 1, 2010

Windows 2008R2 features part VI: Managed Service Accounts – delegation

In a previous entry I’ve explained how you can run services under the new Managed  Service Account. Say now that we want to use this service account in combination with Kerberos and the account needs to be trusted for delegation. We set an SPN to it, but in the Active Directory Users and Computers, we seem to be unable to find the trusted for delegation option.. Let’s take a closer look at these accounts once they have been created, to do this we’ll be using ldp.exe

(more…)

Read more