-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
Sorry for a bit OT question:
I want to extend our AD with a Windows 2008R2 server with KDC enabled.
Now I know I need to enable DES enctype again to be able to use OpenAFS
with such a KDC, but I am a bit lost where to enable this.
Found a few poin
Lars:
I did get past the issuing of DES tickets. I have other problems (see my
recent message to the list), but I did enable DES tickets on 2008R2. I did
the following (not all may be required).
- In the DC's Local Security Policy, I enabled all ciphers by checking all
6 boxes at Security Se
On 3/4/2010 7:44 PM, Stephen Joyce wrote:
> - Add a REG_DWORD (32 bit) named KdcUseRequestedEtypesForTickets with
> value 1 at HKLM\SYSTEM\CurrentControlSet\services\kdc. Without this, the
> DC won't talk DES to clients, even if you do extract a DES-only keytab
> (you'll see "KDC has no support fo
Hi!
Right now I got time and tried:
On 05.03.2010 01:44, Stephen Joyce wrote:
> Lars:
>
> I did get past the issuing of DES tickets. I have other problems (see my
> recent message to the list), but I did enable DES tickets on 2008R2. I
> did the following (not all may be required).
>
> - In the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
Just want to inform you, there need to be a patch applied on my Win
2008R2 x64 server.
http://support.microsoft.com/?kbid=978055
was the one in question obtained from Microsoft Support and now I obtain
tokens with those tickets from the Win2008R2
