Legacy Encryption Detection (RC4 + DES)

This query identifies users, service accounts, and systems that are still using RC4-based Kerberos encryption. It analyzes authentication events to detect RC4 usage in both ticket encryption and session keys, enabling the identification of dependencies on outdated cryptographic protocols. The results help to proactively locate affected accounts and systems that may experience issues after the RC4 deactivation, supporting remediation and migration to secure encryption standards such as AES.