AES encryption types are missing from "Active Directory SSO configuration" in "LDAP Account Unit" object

Support Center > Search Results > SecureKnowledge Details

AES encryption types are missing from "Active Directory SSO configuration" in "LDAP Account Unit" object

Technical Level

Solution ID	sk111945
Technical Level
Product	Identity Awareness
Version	R77.20, R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.30 (EOL), R80.40
OS	Gaia
Platform / Model	All
Date Created	21-Jun-2016
Last Modified	28-Nov-2022

Symptoms

AES encryption types are missing from "Active Directory SSO configuration" in "LDAP Account Unit" object:
1. In SmartDashboard, go to Manage menu - click on Servers and OPSEC Applications...
2. Select the LDAP Account Unit object - click on Edit... button
  Example:
3. Go to General tab - at the bottom, click on Active Directory SSO configuration button
  Example:
4. Check the box Use Kerberos Single Sign On
5. In the Ticket encryption method field, the only available encryption types are:
  - RC4-HMAC-NT
  - DES-CBC-MD5
  - DES-CBC-CRC
  AES encryption types (AES128-CTS-HMAC-SHA1 and AES256-CTS-HMAC-SHA1) are missing.
  Example:

Cause

AES encryption types are missing in configuration schema.

Solution

Note: To view this solution you need to Sign In .