Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3): Error User account is locked due to mismatch of encryption type
(Doc ID 2278788.1)
Last updated on MAY 08, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.0 and laterInformation in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.
Symptoms
On : Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3)
WNA login Fails with below error -
OAM-WNA configurations are correct and kinit is success.
klist and krb5.conf is showing AES encryption type . kinit is successful from OAM server.
$ klist -k -e -t <MIDDLEWARE_HOME>/user_projects/domains/<DOMAIN_NAME>/<KEYTAB_FILE_NAME>
Keytab name: FILE:<MIDDLEWARE_HOME>/user_projects/domains/<DOMAIN_NAME>/<KEYTAB_FILE_NAME>
KVNO Timestamp Principal
--- ----------------- --------------------------------------------------------
3 12/31/69 18:00:00 HTTP/<FQ_HOSTNAME>@<DOMAIN> (<HASH_VALUE>)
krb5.conf is configured for AES
[logging]
default =
kdc =
admin_server =
default_tkt_enctypes = AES256-SHA1
default_tgs_enctypes = AES256-SHA1
Changes
New WNA configuration
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |