2026-04 Update Breaks Domain Logins

I have an Active Directory domain that is old (from 2000!) that has been upgraded and moved to newer versions of Windows Server and Active Directory.   I have domain controller VMs running Windows Server 2025 Standard Edition.  Unfortunately they installed the latest 2026-04 patches which my have changed the Kerberos encryption from RC4 to AES.  This has resulted in my not being able to log into any Active Directory domain accounts and the domain controllers themselves.  I can only log into workstations using the local account.

Suffice to say this a nightmare.  Any ideas how to fix it since I can't access the usual tools like Active Directory Users and Computers, Hyper-V won't connect to the VMs, etc.  Thanks.

S