I'm building an intranet python flask web application that's hosted with IIS in an active directory domain.
I'm looking to have users that access the web application update their contact information (eg. phone numbers) with pyad when they submit data to the endpoint; however, pyad uses the service account associated with the web app in IIS to authenticate and attempt to make the changes to active directory, which will fail because of permissions.
Is there support for kerberos delegation or solving the double hop?
Good day,
I'm building an intranet python flask web application that's hosted with IIS in an active directory domain.
I'm looking to have users that access the web application update their contact information (eg. phone numbers) with pyad when they submit data to the endpoint; however, pyad uses the service account associated with the web app in IIS to authenticate and attempt to make the changes to active directory, which will fail because of permissions.
Is there support for kerberos delegation or solving the double hop?