Have a question about the krbtgt account in an Active Directory domain. Per some government regulations, all accounts in a given domain need to have their passwords updated every 120 days. Pulling reports, the krbtgt is coming up as it hasn't been updated since October 2011.
To the best of my knowledge the krbtgt is an internaly maintined account to active direcotry and best practice is to just leave it alone as it's pivital to Kerberose. Some docs i've found say it's updated regulary but doesnt' say what events will trigger an update. Can someone help shed some light on when the account gets updated?