My guess is that the DES only checkbox is checked in your AD configuration for the service account used by the Apache server. If you clear that checkbox and generate a keytab including both RC4 and DES keys then I suspect allow_weak_crypto will not be needed.
I'm sorry, but I do not have instructions for generating an RC4 keytab off the top of my head. --Sam -- krb5 and ADS error using 10.04, not 9.04 https://bugs.launchpad.net/bugs/567188 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs