I want to authenticate with Kerberos AES 128-bit encryption on Windows Server 2016.

Asked 2 years ago, Updated 2 years ago, 113 views

In Windows Server 2016 AD, any user can:
Active Directory Users and Computers > Select Any User > Properties > Account > Account Options > Check to support Kerberos AES 128-bit encryption for this account

Kerberos authentication with the above user results in a KRB5KDC_ERR_ETYPE-NOSUPP response.
I'd like to authenticate with AES 128 bits, do you know how to resolve the error?
*I do not want to authenticate with other encryption methods (such as AES256).

windows windows-server openldap ldap active-directory

2022-09-30 17:28

1 Answers

I solved myself.
I was able to authenticate by enabling AES 128 from the local security policy "Configure the types of ciphers allowed by Kerberos."

2022-09-30 17:28

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

568 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

573 Understanding How to Configure Google API Key

873 /usr/bin/google-chrome:symbol lookup error:/usr/bin/google-chrome: undefined symbol:gbm_bo_get_modifier

601 GDB gets version error when attempting to debug with the Presense SDK (IDE)

1016 In Java servlet, when SHA-256 sends WW-Authenticate header for digest authentication, the client does not return the result.

© 2024 OneMinuteCode. All rights reserved.