This setting indicates that the connection to the server will be made using Windows Credentials (Kerberos / Single Signon / SSO). This means that the user's Windows profile and password is used to sign on to the server. The server must have been configured for Single Sign-On, and the user enrolled, before this can be done.
See the documentation for the CONNECT_SERVER built-in function for more details.
If Windows credentials are used, and Framework authority is in use, (See Framework properties --> User Adminstration Settings --> Use Framework users and authority), the Framework will evaluate security to Framework objects based on the IBM i user profile that the user connects as, not the user's Windows profile.
This behaviour can be changed by making your own version of the IIP called Server IIP function to validate sign on. See the source for function UF_SYSBR/UFU0005 for more details
Newlook does not currently support Windows Credentials / Kerberos connection - so it is not possible to use Kerberos to establish RAMP 5250 sessions. You may be able to work around this by using the Server IIP function to supply an ordinary profile and password (fields #CHK_NLUSR #CHK_NLPSW) for RAMP 5250 connections, when Kerberos has been used for the initial connection. See the source for function UF_SYSBR/UFU0005 for more details.
Axes 4.20 or later does support Kerberos connection, if configured for it. See Single Sign-On Support in aXes documentation for more details. The axes url would need the parameter sso=true added to it.
This property is in the Server Details tab and the Web/RAMP Details tab.