[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Preauthentication failed

On Thu, 24 May 2007 15:52:40 +0200
Florian Erfurth <floh-erfurth@arcor.de> wrote:

> Markus Moeller wrote:
> > As I said in a previous mail DES might have a problem with salt values
> > which don't exist when using RC4. Also RC4 is a stringer encryption and
> > should be
> > prefered over DES.  The new ktpass have a -crypto : RC4-HMAC-NT option
> > which is the default.
> Ah, thank you. Unfortunatelly there is no -crypto : RC4-HMAC-NT. It seems
> that we don't have the newest version of ktpass. Now I have to find out how
> to upgrade ktpass without upgrading to Win2k3 SP2 R2.

Hi Florian,

The latest ktpass.exe is in the 'Windows Server Support Tools'
package. You can download it from MS' website.

Also, regarding your other question, create a Computer account and use
RC4. You can also use a User account provided that your policy allows
you to set the 'Password does not expire' flag.


Michael B Allen
PHP Active Directory Kerberos SSO