Retire DAS Encryption
Knowledge Article 125812 work around advocates enabling DES (an encryption that has been superseded since 2002, it is now 2014). Please update to AES Encryption for currently Microsoft supported Windows OSs (XP has been retired)
Microsoft describes "DES is considered weak cryptography and is no longer enabled by default in Kerberos authentication in Windows 7 and Windows Server 2008 R2."
We don't need security issues with K1000.
Not possible to migrate AD to Server 2012 R2, DES NOT SUPPORTED!!