cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Recommended to roll over Kerberos decryption key Seamless Sign-on

Jeff Harlow
Iron Contributor

‎Oct 29 2019 01:59 PM - last edited on ‎Jan 14 2022 04:36 PM by

‎Oct 29 2019 01:59 PM - last edited on ‎Jan 14 2022 04:36 PM by

Recommended to roll over Kerberos decryption key Seamless Sign-on

When I am looking at my Azure AD Connect, I see a notice that it is recommended to roll over the Kerberos decryption key on my on-premise Ad for Seamless sign on.  The Microsoft Docs just mentions it is recommended every 30 days but does not explain in detail what this means or if it causes problems.  Any insight? Thanks. 

4,820 Views
0 Likes
1 Reply
Reply
1 Reply
Shawn Beckers

‎Oct 31 2019 09:47 AM

‎Oct 31 2019 09:47 AM

Re: Recommended to roll over Kerberos decryption key Seamless Sign-on

@Jeff Harlow I'm by no means an expert, but I believe rolling over the key is considered a "best practice" from a security perspective.  Not rolling over the key shouldn't cause SSO to stop working.

 

That said...you should do it.  It's a simple procedure.

0 Likes
Reply