5b7cf5d56f
Add a helper function that returns TRUE if a PAC should be included in ticket authorization data, that can be called from both AS and TGS paths. Per [MS-KILE] 3.3.5.3, PACs are always included for TGTs; for service tickets, policy is governed by whether the client explicitly requested a PAC be omitted when requesting a TGT, or if the no-auth-data-reqd flag is set on the service principal entry.
10 KiB
10 KiB