i have users logging in to a win2k domain using their kerberos principals from a different realm (mit krb5-1.3.1). everything works as expected using single des, but if i try to use rc4-hmac first pre-authentication fails, then if i turn off the requires_preauth bits for the user's principal as well as the principal of the win domain's tgs, i get an error stating: "krb5kdc_err_etype_nosupp" on the as request. if i switch back to des:normal everything works again. i have sp4 as well as the high-encryption pack installed on a win2kpro workstation. the ad server is win2003, though i don't think i'm getting far enough for that to be a problem. any ideas why this would be happening? ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
