This is the 4th week in my course and I think I will be uploading 1 video a week in regards to different attack paths. This video is a bit different as I am explaining the steps on what I do, and how it all works out. For me, I think recording this and explaining the steps helps me understand it more, so hopefully I will do more of this in the future.
From an Attacking point of view, the flaw of Constrained delegation is that you can acces the service under msDS-AllowedToDelegateTo as ANY user. This is massive, as I demonstrate that I am able to impersonate a Domain Administrator.
Click on this link to view the Video