My Oracle Support Banner

Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3): Error User account is locked due to mismatch of encryption type (Doc ID 2278788.1)

Last updated on NOVEMBER 05, 2019

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.

Symptoms

On : Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3)

WNA login Fails with below error -

OAM-WNA configurations are correct and kinit is success.

klist and krb5.conf is showing AES  encryption type . kinit is successful from OAM server.

$ klist -k -e -t <MIDDLEWARE_HOME>/user_projects/domains/<DOMAIN_NAME>/<KEYTAB_FILE_NAME>
Keytab name: FILE:<MIDDLEWARE_HOME>/user_projects/domains/<DOMAIN_NAME>/<KEYTAB_FILE_NAME>
KVNO Timestamp Principal
--- ----------------- --------------------------------------------------------

3 12/31/69 18:00:00 HTTP/<FQ_HOSTNAME>@<DOMAIN> (<HASH_VALUE>)

krb5.conf is configured for AES

[logging]
default =
kdc =
admin_server =
default_tkt_enctypes = AES256-SHA1
default_tgs_enctypes = AES256-SHA1

 

 

Changes

 New WNA configuration

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.