Microsoft KB Archive/296842

= Windows 2000-Based Clients Do Not Use the DES-CBC-CRC EncryptionType =

Article ID: 296842

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q296842



SUMMARY
This article describes the reason that Windows 2000-based clients do not use the DES-CBC-CRC encryption type.



MORE INFORMATION
Windows 2000 uses the Kerberos protocol to support the following encryption types:
 * RC4-HMAC
 * DES-CBC-MD5
 * DES-CBC-CRC

The support, however, for the DES-CBC-CRC encryption type is primarily for Massachusetts Institute of Technology (MIT) Kerberos interoperability. If a Windows 2000 user account in configured to use DES encryption, a Windows 2000-based client requests a Ticket to Get Tickets (TGT) by using the DES-CBC-MD5 encryption type. You cannot configure a Windows 2000-based client to request a TGT by using the DES-CBC-CRC encryption type.

For additional information about Kerberos in Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:

266080 Answers to Frequently Asked Kerberos Questions

Keywords: kbinfo kbsecurity KB296842

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.