Mar 19 2024 10:13 AM
Hello everyone!
I have situation on which I would like your input.
Our krbtgt account password was not changed for 10 years. We have service accounts whose password was not changed for 10 years. We have raised domain functional lvl 2012 around 5 years ago.
I have found information that accounts whose password was last time changed before raise of functional lvl cannot read AES encryption.
What will happen to those service accounts if we reset krbtgt password? Will they get new kerberos tickets? I am unable to find any information and do not want to kill all services.
Thank You.
Mar 19 2024 12:33 PM