deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update windows/security/identity-protection/credential-guard/considerations-known-issues.md

Browse Source 
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
This commit is contained in:
zwhitt-microsoft 2024-06-19 15:36:44 -07:00 committed by GitHub
parent e2b4b7c3d0
commit 3203a7c6ab
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/identity-protection/credential-guard/considerations-known-issues.md
View File

@ -30,7 +30,7 @@ For WiFi and VPN connections, it's recommended to move from MSCHAPv2-based conne
## Delegation considerations
When Credential Guard is enabled, certain types of identity delegation will be unusable, as their underlying authentication schemes are incompatible with Credential Guard or require supplied credentials.
When Credential Guard is enabled, certain types of identity delegation are unusable, as their underlying authentication schemes are incompatible with Credential Guard or require supplied credentials.
When Credential Guard is enabled, [Credential Security Support Provider ("CredSSP")](/windows/win32/secauthn/credential-security-support-provider) is no longer able to use saved or sign-on (SSO) credentials, though cleartext credentials can still be supplied. CredSSP-based Delegation requires cleartext credentials to be supplied on the destination machine and will not work with SSO once Credential Guard is enabled and blocks cleartext credential disclosure. Usage of [CredSSP for delegation](/windows/win32/secauthn/credential-security-support-provider), and in general, is not recommended due to the risk of credential theft.