Skip to main content

Azure AD - Roll over Kerberos keys

After enabling seamless SSO, you need to roll over Kerberos decryption key every month or so.
Process is desribed on this site:

https://docs.microsoft.com/pl-pl/powershell/azure/active-directory/install-adv2?view=azureadps-2.0

However, you can need to adjust your installation on the server to run AzureAD 2.0.
Here is the short tutorial:

http://windows.ittips.eu/2019/05/azuread-20-installing-on-windows-server.html

And here the effect: