Assurance

[Christopher A Spadanuda <>]

Hi All,

We are working with a faculty member on campus who uses OpenAFS for one of 
his courses. OpenAFS only supports DES encryption. The faculty member would 
like use Active Directory for Authentication.  Our AD is currently Windows 
2008 R2. By default DES is not enabled. 

If we set the Domain Controller Group Policy Object to specifically allow DES 
encryption on the DC's and then allow DES on the Keberos service principal in 
AD are we going to create a situation which makes silver assurance difficult 
or impossible?  

While the cookbook talks about DES encryption in relationship to LM 
passwords, I don't believe that it addresses this specific use case.  Unless 
of course I am missing something.

Thanks,

Chris
___________________________________________________
Chris Spadanuda, Middleware and Identity Management Group Manager
University Information Technology Services
University of Wisconsin–Milwaukee
Office Phone: 414 229-5832 | E-mail: 

Cell Phone: 414 507-4761



>>