Policy selection for ADMX packs

Policy overview

Key metadata and intent for this policy.

ClassComputer

CategorySystem > KDC

Supported onAt least Windows Server 2012 R2, Windows 8.1 or Windows RT 8.1

Supported OS tags: Windows10, Windows10RT, Windows11, Windows81, WindowsRT81, WindowsServer2012R2, WindowsServer2016

This policy setting allows you to configure a domain controller to request compound authentication. Note: For a domain controller to request compound authentication, the policy "KDC support for claims, compound authentication, and Kerberos armoring" must be configured and enabled. If you enable this policy setting, domain controllers will request compound authentication. The returned service ticket will contain compound authentication only when the account is explicitly configured. This policy should be applied to all domain controllers to ensure consistent application of this policy in the domain. If you disable or do not configure this policy setting, domain controllers will return service tickets that contain compound authentication any time the client sends a compound authentication request regardless of the account configuration.

Internal name

RequestCompoundId

Policy ID

807b16fc3b2b

Elements

Registry values

How enabled and disabled states update the registry.

Registry location	Type	Enabled value	Disabled value
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\KDC\Parameters\RequestCompoundId	REG_DWORD	1	0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.

Other policies in this category

Explore related policies at the same level.