Overview #
The TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION is a
user-Account-Control Attribute Value that implies the account is enabled for
delegation as described in
SECURITY_IMPERSONATION_LEVEL.
This is a security-sensitive setting. Accounts that have this option enabled should be tightly controlled.
This setting lets a service that runs under the account assume a client's identity and authenticate as that user to other remote servers on the network.
There might be more information for this subject on one of the following: