Re: Kerberos Ticket User

From: Steven L Umbach (
Date: 04/27/05

Date: Wed, 27 Apr 2005 01:55:15 -0500

The krbtgt account is disabled by default and the system manages the
password. You do not nor should not reconfigure that account. I am not sure
exactly what you need to do but if it has to do with trusting user accounts
for delegation see the links below. --- Steve,295582,sid45_gci1050149,00.html#Delegation

"Will" <> wrote in message
> In our Active Directory server user list, I see a user account for the
> Kerberos ticket service, but it is marked as disabled. The Kerberos
> ticket
> service is running with SYSTEM authority. Is this the default
> configuration?
> If you want to use the Kerberos use account to run the Kerberos ticket
> service, are you supposed to change the password, or does Kerberos
> maintain
> and change this password on its own? What steps are required to make
> this
> secure?
> We need to run Kerberos ticket as a user so that it will be able to pass
> Kerberos tickets through a winsock proxy that only allows specific user
> accounts to pass through.
> --
> Will