AES encryption types are missing from "Active Directory SSO configuration" in "LDAP Account Unit" object:
In SmartDashboard, go to Manage menu - click on Servers and OPSEC Applications...
Select the LDAP Account Unit object - click on Edit... button
Go to General tab - at the bottom, click on Active Directory SSO configuration button
Check the box Use Kerberos Single Sign On
In the Ticket encryption method field, the only available encryption types are:
AES encryption types (AES128-CTS-HMAC-SHA1 and AES256-CTS-HMAC-SHA1) are missing.
AES encryption types are missing in configuration schema.