Policy

Allow retrieving the Azure AD Kerberos Ticket Granting Ticket during logon

This policy setting allows retrieving the Azure AD Kerberos Ticket Granting Ticket during logon. If you disable or do not configure this policy setting, the Azure AD Kerberos Ticket Granting Ticket is not retrieved during logon. If you enable this policy setting, the Azure AD Kerberos Ticket Granting Ticket is retrieved during logon.

Policy
PackMicrosoft Windows
CategorySystem / Kerberos
Policy IDb104ad7067af
Internal nameCloudKerberosTicketRetrievalEnabled

Registry

Copy registry mappings

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\CloudKerberosTicketRetrievalEnabled (enabled) = 1
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\CloudKerberosTicketRetrievalEnabled (disabled) = 0

Policy notes

This policy setting allows retrieving the Azure AD Kerberos Ticket Granting Ticket during logon. If you disable or do not configure this policy setting, the Azure AD Kerberos Ticket Granting Ticket is not retrieved during logon. If you enable this policy setting, the Azure AD Kerberos Ticket Granting Ticket is retrieved during logon.

Related policies