Microsoft
Microsoft
MicrosoftThe two registry settings you keep mentioning are for different Kerberos Security issues.
The ApplyDefaultDomainPolicy is for this Kerberos session key encryption type changes (CVE-2022-37966) that were released in November of 2022. This update no longer works since the November Out Of Band Security Update. So if your DC's have December or later security updates installed this is ignored.
The KrbtgtFullPacSignature is for a change being made to Kerberos Privilege Attribute Certificate (CVE-2022-37967) You really should not run this registry value at 0 tbh. It should be set to 1 at a minimum or 2 and start looking for these audit events to catch what applications / servers are going to be an issue for you.
@Maxc0der88
RDP can use NTLM authentication. NTLM would still work with 2003 however Kerberos authentication is the first authentication method used unless you reference the 2003 server by IP Address then NTLM will be used.