Use the legal Kerberos type for cache encryption

Specify the type of encryption to use when encrypting the local cache.

The encryption type you specify must be a type supported in the Kerberos environment. For example, Windows Server 2003 Kerberos supports the following cryptographic algorithms: RC4-HMAC, DES-CBC-CRC and DES-CBC-MD5.

This group policy is only used if the Encrypt adclient cache data policy is enabled. If Encrypt adclient cache data is not enabled, this policy is ignored.

This group policy modifies the adclient.cache.encryption.type setting in the Centrify DirectControl configuration file.

Supported on:

Skip items that start with

Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\Adclient
Value Name{number}
Default Value


Administrative Templates (Computers)

Administrative Templates (Users)