Is it possible to use LsaLogonUser with kerb_certificate_s4u_logon for a computer certificate for an identification level token for a computer?
John Ashman
1
Reputation point
We want to use an enterprise issued computer certificate to authenticate to a web service by taking the public certificate on the remote server and passing it to LsaLogonUser in a kerb_certificate_s4u_logon structure to get an identification level token for the computer.
Firstly is this possible, or does that mechanism only work for Users?
Secondly what are the constraints on the certificate to allow implicit mapping of the certificate to the computer object?
Thanks
John