Hi,
Since the Windows XP is not supported ,so i didn't have a environment for test the compatibility issues.
Also, due to there are not updates and patches for the XP clients, you may have other unexpected compatibility issues.
Here ,i would suggest you upgrade the cilents.
Best Regards,
Windows Server 2019 AD not correctly negotiating Kerberos encryption type
I have configured “Network security: Configure encryption types allowed for Kerberos” and selected RC4 along with both AES options however RC4 does not get enabled unless I uncheck every other option apart from RC4. I’m testing this by using a Windows XP client however this obviously affects many other applications that also only support RC4 encryption, including a lot of Linux clients.
I assume what’s going on is Windows is attempting to authenticate using a higher encryption type than what the requesting client support aka even though the server has RC4 enabled, it doesn’t use it unless it’s the only enabled encryption type. It works in Windows Server 2016 however something in 2019 is preventing the correct encryption type from being negotiated.
I’ve tried setting the registry key Kerberos/Parameters/DefaultEncryptionType to RC4 but it doesn’t help.
1 answer
Sort by: Most helpful
-
Fan Fan 15,281 Reputation points Microsoft Vendor
2021-03-22T01:43:15.33+00:00