Kerberos is a network authentication protocol developed at the Massachusetts Institute of Technology. The Kerberos protocol uses encrypted "tickets" with client credentials and establishes transitive domain trusts.

It authenticates a user’s identity (in the someone@somewhere.com format) and securely delivers user credentials in a "ticket."

Kerberos policy is set on the Windows domain controller running Active Directory in your domain under Administrative Policy.

Kerberos policy can also run on Linux running OpenLDAP.