Overview #
The TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION is a user-Account-Control Attribute Value that implies the account is enabled for delegation as described in SECURITY_IMPERSONATION_LEVEL.
This is a security-sensitive setting. Accounts that have this option enabled should be tightly controlled.
This setting lets a service that runs under the account assume a client's identity and authenticate as that user to other remote servers on the network.
