Just as Microsoft disabled the use of Weak Encryption Types in Windows 7 and Windows Server 2008 R2, Heimdal and MIT have disabled the use of weak encryption types in their latest releases. In order to use Heimdal 1.5 or MIT Kerberos 1.9 or later with OpenAFS, the weak encryption types including DES-CBC-CRC and DES-CBC-MD5 must be enabled. In Heimdal, this is performed by adding "allow_weak_crypto = true" to the [libdefaults] section of the %SystemRoot%\ProgramData\Kerberos\krb5.conf file. In MIT KFW 4.x, this is performed by adding "allow_weak_crypto = true" to the [libdefaults] section of the %SystemRoot%\ProgramData\MIT\Kerberos5\krb5.ini file.

Futures versions of OpenAFS will not have this requirement.