This policy setting controls the Kerberos client's behavior in validating the KDC certificate. If you enable this policy ...

Windows 7

This policy setting controls the Kerberos client's behavior in validating the KDC certificate.  
      
If you enable this policy setting, the Kerberos client requires that the KDC's X.509 certificate contains the KDC key purpose object identifier in the Extended Key Usage (EKU) extensions, and that the KDC's X.509 certificate contains a dNSName subjectAltName (SAN) extension that matches the DNS name of the domain. If the computer is joined to a domain, the Kerberos client requires that the KDC's X.509 certificate must be signed by a Certificate Authority (CA) in the NTAUTH store. If the computer is not joined to a domain, the Kerberos client allows the root CA certificate on the smart card to be used in the path validation of the KDC's X.509 certificate.

If you disable or do not configure this policy setting, the Kerberos client will require only that the KDC certificate contain the Server Authentication purpose object identifier in the EKU extensions.

This policy setting controls the default color for window frames when the user does not specify a color. If you enable this ... This policy setting controls the First Run response that users see on a zone by zone basis. When a user encounters a new ... This policy setting controls the First Run response that users see on a zone by zone basis. When a user encounters a new ... This policy setting controls the installation of ActiveX controls for sites in Trusted zone. If this setting is enabled ActiveX ... This policy setting controls the Kerberos client's behavior in validating the KDC certificate. If you enable this policy ... This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service ... This policy setting controls the Suggested Sites feature, which recommends sites based on the user's browsing activity. Suggested ... This policy setting controls the use of BitLocker on removable data drives. This policy setting is applied when you turn ... This policy setting controls whether a page may control embedded WebBrowser Controls via script. If you enable this policy ...