I'm playing around with Windows Server and Active Directory, with the goal of using Kerberos instead of NTLM for my SMB shares without joining my workstations to the domain.
I set up a primary domain controller with the required DNS entries, and doing
Enter-PSSession -ComputerName dchost.mydomain.name -Authentication Kerberos -Credential administrator@mydomain.name
from my Windows 11 box works.
The problem is that if I then run
klist
I only ever get
Code:
Credentials cache C:\Users\MyUserName\krb5cc_MyUserName not found.
Why is Windows not caching the Kerberos tickets?
I then configured a shared folder on the DC and connecting to it using administrator@mydomain.name works, but again no tickets cached.
Even if I change the local machine's "Restrict NTLM: Outgoing NTLM traffic to remote servers" GPO to "Deny All" (which breaks my other SMB shares, so I know it's working), no tickets are cached.
What's happening here?