Disallow Kerberos authentication

This policy setting allows you to manage whether the Windows Remote Management (WinRM) service will not accept Kerberos credentials over the network.

If you enable this policy setting, the WinRM service will not accept Kerberos credentials over the network.

If you disable or do not configure this policy setting, then the WinRM service will accept Kerberos authentication from a remote client.


Supported on: At least Windows Vista
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows\WinRM\Service
Value NameAllowKerberos
Value TypeREG_DWORD
Enabled Value0
Disabled Value1

windowsremotemanagement.admx

Administrative Templates (Computers)

Administrative Templates (Users)