Figure 1

« 
Previous
|
Risk mitigation for Active Directory
|
Next image
 »

Figure 1: Kerberos only accepts certificates for authentication whose issuing CA can be found in the NTAuth container.