DC Replication Broken - RC4
EDIT :
Try (explanation in comments)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Type: REG_DWORD Value data : 2147483647 (Decimal)
Explanation :
-On my Test DC, i've configured the policy in question to allow all encryption types. Looking at my folder where GPO items are saved : C:\Windows\SYSVOL\sysvol\domain\policies\ There is an folder named by its object name newly created. If i open this folder and then go to Machine > Microsoft > Windows NT > Secedit > GptTmpl.ini < open this file There you can see the registry setting my policy sets. In my case it is : \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Type: REG_DWORD Value data : 2147483647 (Decimal)
-You can try setting that registry key to that value, and it should do the same as the GPO object does.
-Dont forget to restrict the policy to what encryption types you want, as the registry setting enables all.