Installation of High Encryption Software

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

If you are migrating passwords, both the domain controller on which ADMT is installed in the target domain and the PES in the source domain require 128-bit high encryption.

Note

• Installing high encryption in a Windows NT 4.0 domain does not affect the ability of domain controllers to replicate, and does not affect the user logon process or users’ access to resources.

This encryption is standard on domain controllers running Windows Server 2003 or Windows 2000 Service Pack 3 (SP3) or later. If you plan to install ADMT on a domain controller that is running Windows 2000 SP2 or earlier, install the 128-bit high encryption pack from the Windows 2000 High Encryption Pack link on the Web Resources page at https://www.microsoft.com/windows/reskits/webresources.

For the PES in the Windows NT 4.0 source domain, install the 128-bit high encryption pack from the Windows NT 4.0 Service Pack 6a — High Encryption link on the Web Resources page at https://www.microsoft.com/windows/reskits/webresources.

Important

• The high encryption pack exists for North America Windows NT 4.0 Service Packs. If you need high encryption on an international Windows NT 4.0 domain controller, you need to install Microsoft Internet Explorer 4.1 or later and the high encryption pack for this Internet Explorer version.