In Active Directory Users and Computers: . Open the user's properties . Click on the Account tab . Scroll down to the bottom of the Account options window . Click the checkbox labeled 'Use DES encryption types for this account.'
You may start to get warnings and/or errors in your System log from the KDC about this change, but everything should still work. On Tue, 2003-10-14 at 09:59, M. S. Sriram wrote: > Hello, > > I am trying to pass delegated credentials from Internet Explorer to > IIS, where the credentials are being accessed by an application that > only supports DES encryption types. > > I have used AD server settings to cause the original TGT (issued on > signin) to use DES-CBC-MD5, but I find (examining the client's > credential cache) that the forwarded TGT uses RSADSI-RC4-HMAC. > > Is there any way to force AD server to use only DES encryption type > for a user? (If this is not the right group for this question, I'd > appreciate a pointer to a more appropriate forum.) > > - Sriram > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos -- Regards, Andrew Rechenberg Infrastructure Team, Sherman Financial Group 513.707.3809 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
