Getting a DES-encrypted TGT from AD server
M. S. Sriram
mssriram at arkinsys.com
Tue Oct 14 09:59:58 EDT 2003
Hello,
I am trying to pass delegated credentials from Internet Explorer to
IIS, where the credentials are being accessed by an application that
only supports DES encryption types.
I have used AD server settings to cause the original TGT (issued on
signin) to use DES-CBC-MD5, but I find (examining the client's
credential cache) that the forwarded TGT uses RSADSI-RC4-HMAC.
Is there any way to force AD server to use only DES encryption type
for a user? (If this is not the right group for this question, I'd
appreciate a pointer to a more appropriate forum.)
- Sriram
More information about the Kerberos
mailing list