Oracle Access Manager (OAM) WNA - After Enabled The Kerberos AES 128 And AES 256 Encryption, The WNA Login Fails With The Error: "javax.security.auth.login.LoginException: no supported default etypes for default_tkt_enctypes" (Doc ID 2808983.1)

Last updated on MAY 21, 2024

Applies to:

Oracle Access Manager - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Windows Native Authentication (WNA) Fails "The user account is locked or disabled. Please contact the System Administrator"

WNA was working until the Keberos AES 128 and AES 256 encryption on the service account for OAM was enabled.
The OAM Server logs shows following error:

JCE crypto policy for the JDK1.8 has already been installed and configured
Followed the two KM notes, but the issue was not resolved. Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3) Login With Kerberos Authentication Fails (Doc ID 2540094.1) and Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3): Error User account is locked due to mismatch of encryption type (Doc ID 2278788.1)
Created new service account for OAM (ktpass), but still the same isse

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.