Hi, FYI, it looks as if "allow_weak_crypto = true" [1] is not needed anymore for wheezy. This is at least the case for debian-lan. Best regards, Andi [1] c.f. debian-edu-config/share/debian-edu-config/tools/kerberos-kdc-init