How to enable AES for host authentication?

This post was originally published on this site

All ESXi hosts (ESXi 6.7 P01) are member of a Windows domain.


Currently, and as a legacy, all ESXi hosts have DES and RC4 as Kerberos Encryption Type on their Active Directory domain account.


When AES128 or AES256 is added to the Kerberos Encryption Type,

the most secure takes over and direct authentication to an ESXi host fails:

Meanwhile, these authentication methods have no problem:

  • VMware PowerCli direct connections:
    Connect-VIServer -Server
  • Connection to the vSphere web page


How can AES  be enabled for the authentication process on individual ESXi hosts?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.