Aug 21 2024 10:32 PM - edited Aug 21 2024 10:34 PM
We’re upgrading the AD domain from 2008R2 to 2022.
we deployed the new 2022 DC and also successfully moved the FSMO roles.
however some old 2003 servers started having issue authenticating clients, as for example connecting to file shares, with kdc errors.
“The encryption type requested is not supported by the KDC”
how can we fix it ?
is there a group policy we can apply to the 2022 DC to enable the old 2003 servers to authenticate clients ?
thanks
Sep 05 2024 02:02 PM
No there is no way to get RC4 Session keys back once the November 2022 update is installed. if you have unsupported OS's installed then you should stay with unsupported OSs for DC's or DO NOT PATCH your environment past November 2022.