KRBUACBypass

SCM Error 1722

Open mc-0815 opened this issue 1 year ago • 0 comments

In my setup the krbscm action will not lead to a system shell. I am getting SCM opening error 1722:

[*] Using ticket to connect to Service Manger
[*] AcquireCredentialsHandleHook called for package N
[*] Changing to Kerberos package
[*] AcquireCredentialsHandleHook called for package N
[*] Changing to Kerberos package
[*] InitializeSecurityContextHook called for target R
[*] InitializeSecurityContext status = 0x00090312
[-] Error opening SCM: 1722

asktgs works, the ticket with the correct SPN exists in the cache, and the target user is a local admin. When observing the RPC call to 127.0.0.1 I can recognize that the RPC bind call is not successful. The response is bind_nak; the reject reason is 0x09 (invalid_checksum), which according to the MS doc means: "This rejection code is used when an unrecoverable error is detected by the underlying security package."

Any idea which (hardening) configuration might be responsible for this behaviour? AFAIK there exists no concrete guidance on how to prevent the UAC bypass.

Otherwise, how can I further debug the issue?

Thanks.

mc-0815, Aug 30 '23 07:08