Scheduled Service Change: Enabling AES on Prod MIT KDC
Authentication requests will be handled by the backup KDC and hence there will be no outage for Authentication. Netid change password and netid creations will not work for the 2 sec outage.\n\nThe Cuweblogin change will have no outage.\n
There is no workaround for this issue
We are enabling AES encryption type in the production MIT Kerberos so that cross realm authentication continues to work against production Active directory on windows 2008 R2.\n\nThis requires a restart of the KDC service. Restart takes less than 2 secs\n\nThis also requires a change in the krb5.conf file on CUWeblogin so that GuestID authentication continues to work.