Oracle Access Manager (OAM) Windows Native Authentication (WNA) Fails After Updating the "krb5.conf" File - From The Log File "Do not have keys of types listed in default_tkt_enctypes available..."
(Doc ID 2870670.1)
Last updated on SEPTEMBER 25, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.0 and laterInformation in this document applies to any platform.
Symptoms
Authentication failure using Windows Native Authentication (WNA) Error "Do not have keys of types listed in default_tkt_enctypes available..."
- Oracle Access Manager
- Kerberose authentication - Windows Native Authentication (WNA)
- Has been working for some time
- Issue only occurred after updating the krb5.conf file
Before (working) | After (not working) |
default_tkt_enctypes = aes128-cts-hmac-sha1-96 | default_tkt_enctypes = aes256-cts-hmac-sha1-96 |
default_tgs_enctypes = aes128-cts-hmac-sha1-96 | default_tgs_enctypes = aes256-cts-hmac-sha1-96 |
udp_preference_limit = 1 | permitted_enctypes = aes256-cts-hmac-sha1-96 |
udp_preference_limit = 1 |
- From the OAM diagnostic log ...
Changes
Updated krb5.conf to reference a different default_tkt_enctypes and default tgs_enctypes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |