Oracle Access Manager (OAM) Windows Native Authentication (WNA) Fails After Updating the "krb5.conf" File - From The Log File "Do not have keys of types listed in default_tkt_enctypes available..."
(Doc ID 2870670.1)
Last updated on MAY 20, 2022
Applies to:Oracle Access Manager - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
Authentication failure using Windows Native Authentication (WNA) Error "Do not have keys of types listed in default_tkt_enctypes available..."
- Oracle Access Manager
- Kerberose authentication - Windows Native Authentication (WNA)
- Has been working for some time
- Issue only occurred after updating the krb5.conf file
|Before (working)||After (not working)|
|default_tkt_enctypes = aes128-cts-hmac-sha1-96||default_tkt_enctypes = aes256-cts-hmac-sha1-96|
|default_tgs_enctypes = aes128-cts-hmac-sha1-96||default_tgs_enctypes = aes256-cts-hmac-sha1-96|
|udp_preference_limit = 1||permitted_enctypes = aes256-cts-hmac-sha1-96|
|udp_preference_limit = 1|
- From the OAM diagnostic log ...
Updated krb5.conf to reference a different default_tkt_enctypes and default tgs_enctypes
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document