DC Replication Broken - RC4

EDIT :

Try (explanation in comments)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Type: REG_DWORD Value data : 2147483647 (Decimal)

Explanation :

-On my Test DC, i've configured the policy in question to allow all encryption types. Looking at my folder where GPO items are saved : C:\Windows\SYSVOL\sysvol\domain\policies\ There is an folder named by its object name newly created. If i open this folder and then go to Machine > Microsoft > Windows NT > Secedit > GptTmpl.ini < open this file There you can see the registry setting my policy sets. In my case it is : \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Type: REG_DWORD Value data : 2147483647 (Decimal)

-You can try setting that registry key to that value, and it should do the same as the GPO object does.

-Dont forget to restrict the policy to what encryption types you want, as the registry setting enables all.