I want to authenticate with Kerberos AES 128-bit encryption on Windows Server 2016.

Asked 1 years ago, Updated 1 years ago, 83 views

In Windows Server 2016 AD, any user can:
Active Directory Users and Computers > Select Any User > Properties > Account > Account Options > Check to support Kerberos AES 128-bit encryption for this account

Kerberos authentication with the above user results in a KRB5KDC_ERR_ETYPE-NOSUPP response.
I'd like to authenticate with AES 128 bits, do you know how to resolve the error?
*I do not want to authenticate with other encryption methods (such as AES256).

windows windows-server openldap ldap active-directory

2022-09-30 17:28

1 Answers

I solved myself.
I was able to authenticate by enabling AES 128 from the local security policy "Configure the types of ciphers allowed by Kerberos."

2022-09-30 17:28

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

928 In Java servlet, when SHA-256 sends WW-Authenticate header for digest authentication, the client does not return the result.

519 Unable to install versioned in Google Colab

520 Scrap text information after the "View More" button when searching in the Yahoo! News search window

514 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

493 The method of the class of the application that I am creating in Typescript does not work as I expected.

© 2024 OneMinuteCode. All rights reserved.