Ticket Granting Ticket (TGT
) as used within the Kerberos
Ticket Granting Ticket is issued to the ServicePrincipalName from the Key Distribution Center (KDC) service.
Ticket Granting Ticket is a Ticket to Get Tickets (TGT) that is valid for the local Kerberos Realm (or AD DOMAIN).
Ticket Granting Ticket is encrypted with the KerberosKey Distribution Center (KDC) account's (KRBTGT's) password.
Ticket Granting Ticket has a default lifetime of 10 hours and may be renewed throughout the Kerberos client's log-on session without requiring the user to re-enter his password.
Ticket Granting Ticket is cached on the local machine in volatile memory space and used to request sessions with services throughout the network.
The following is a discussion of the TGT retrieval process.
There might be more information for this subject on one of the following: