Kerberos Constrained Delegation (KCD)

Enabled by the constrained delegation extension of Kerberos v5, KCD allows a service to obtain service tickets on behalf of clients once it has been presented with the appropriate service ticket obtained via protocol transition. It encompasses the act of a principal (LoadMaster’s AD account) impersonating another principal (John Smith) to gain access to a 3rd principal (application service).

Talk to Us!

Do you have application delivery questions? Our engineers would love to help!

Schedule a Call