Kerberos failures on Win 2008 R2(IIS 7.5) KDC_ERR_ETYPE_NOSUPP
Symptoms
We have migrated our web application from Windows 2003 server to Windows 2008 R2 server. The web application makes a call to another web service
on a separate server. This call is failing with 401 unauthorized error.
Cause
By default, Data Encryption Standard (DES) encryption for Kerberos authentication is disabled in Windows 7 and in Windows Server 2008 R2.
In network traces, check if the application is using DES encryption. This would be the reason why Kerberos is failing with KDC_ERR_ETYPE_NOSUPP error.
Resolution
The issue got resolved by enabling DES encryption on web server as per below article and rebooted the server.
KDC Event ID 16 or 27 is logged if DES for Kerberos is disabled