Constrained Delegation in Windows
The majority of sites around the web discuss constrained delegation in terms of web applications, SQL Server, or specialty services. There's not a whole lot of discussion on programmatic delegation, and I have yet to find a step-by-step guide for writing code that wants to take advantage of constrained delegation. I thought I'd write one. I've created a scenario where a domain user runs a program that sends messages to a message receiver program. When the receiver gets a message, it impersonates the sender and then displays the message. Because I'm going to need an Active Directory domain environment, I've created 3 virtual machines: dc.example.com - windows server 2008 R2 domain controller example-server.example.com - windows server 2008 R2 app server wkstation.example.c om - windows 7 workstation I've set up a few accounts in the domain: John@example.com - user account - will be sending messages msgSvc@example.com - service account - will be receiving