Microsoft KB Archive/296842

From BetaArchive Wiki
Knowledge Base


Windows 2000-Based Clients Do Not Use the DES-CBC-CRC EncryptionType

Article ID: 296842

Article Last Modified on 2/28/2007


APPLIES TO

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition


This article was previously published under Q296842

SUMMARY

This article describes the reason that Windows 2000-based clients do not use the DES-CBC-CRC encryption type.

MORE INFORMATION

Windows 2000 uses the Kerberos protocol to support the following encryption types:

  • RC4-HMAC
  • DES-CBC-MD5
  • DES-CBC-CRC

The support, however, for the DES-CBC-CRC encryption type is primarily for Massachusetts Institute of Technology (MIT) Kerberos interoperability. If a Windows 2000 user account in configured to use DES encryption, a Windows 2000-based client requests a Ticket to Get Tickets (TGT) by using the DES-CBC-MD5 encryption type. You cannot configure a Windows 2000-based client to request a TGT by using the DES-CBC-CRC encryption type.

For additional information about Kerberos in Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:

266080 Answers to Frequently Asked Kerberos Questions


Keywords: kbinfo kbsecurity KB296842



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/296842&oldid=162419
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki