Scheduled Service Change: Enabling AES on Prod MIT KDC

Last Updated:

2011-09-15 04:00:00

Event:

2011-09-18 04:00:00

Status:

Closed

Brief Description:

User Impact:

Authentication requests will be handled by the backup KDC and hence there will be no outage for Authentication. Netid change password and netid creations will not work for the 2 sec outage.\n\nThe Cuweblogin change will have no outage.\n

Workaround:

There is no workaround for this issue

Current Status:

N/A

Services Affected:

Full Description:

We are enabling AES encryption type in the production MIT Kerberos so that cross realm authentication continues to work against production Active directory on windows 2008 R2.\n\nThis requires a restart of the KDC service. Restart takes less than 2 secs\n\nThis also requires a change in the krb5.conf file on CUWeblogin so that GuestID authentication continues to work.

CIT TDX ID:

Search Filters:

IT Service Alerts

Quick Links

Scheduled Service Change: Enabling AES on Prod MIT KDC