Action required by all Kerberos users before Feb. 1

FINAL NOTICE:  Computing is being required to deprecate insecure encryption methods, such as DES/3DES, in the FNAL.GOV Kerberos realm.

If you own or use a Kerberized computer and the associated principals are configured to use DES/3DES, you must re-key these principals immediately by following the instructions in this article: https://fermi.servicenowservices.com/kb_view.do?sysparm_article=KB0013251. We will begin deactivating principals that have not been rekeyed this week.

• If you are using a Kerberized computer, you may be at risk of losing access to this computer if the party responsible has not already updated the keys. Therefore, if you are not sure that the responsible individual has done this for a Kerberized computer you own or access, let us know immediately at rekey-questions@fnal.gov.