Article ID: 296842
Article Last Modified on 2/28/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
This article was previously published under Q296842
SUMMARY
This article describes the reason that Windows 2000-based clients do not use the DES-CBC-CRC encryption type.
MORE INFORMATION
Windows 2000 uses the Kerberos protocol to support the following encryption types:
- RC4-HMAC
- DES-CBC-MD5
- DES-CBC-CRC
The support, however, for the DES-CBC-CRC encryption type is primarily for Massachusetts Institute of Technology (MIT) Kerberos interoperability. If a Windows 2000 user account in configured to use DES encryption, a Windows 2000-based client requests a Ticket to Get Tickets (TGT) by using the DES-CBC-MD5 encryption type. You cannot configure a Windows 2000-based client to request a TGT by using the DES-CBC-CRC encryption type.
For additional information about Kerberos in Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:
266080 Answers to Frequently Asked Kerberos Questions
Keywords: kbinfo kbsecurity KB296842