Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, May 14, 2009 1:55 PM
Stab in the dark here on the correct forum so apologies if not correct.
I have a Windows Server 2008 Domain running in mixed mode with Server 2003 R2 domain members. We are currently testing RIMs Blackberry Enterprise solution and receiving KDC has no support for encryption type (14) in some of the application logs.
I understand this is related to the mixed environment because Ive read it works on Native 2008 and Native 2003. RIM offer no support and claim its a Java and KDC issue.
Is there away to fix this I have tried a reg key that sets allowtgtsessionkey = 1 in Kerberos Parameters in the Reg.
Thanksmkc
All replies (7)
Tuesday, May 19, 2009 3:26 AM ✅Answered | 3 votes
Hi,
Please change the password of the user account to see if the issue goes away.
Event ID 14 — Kerberos Key Integrity
http://technet.microsoft.com/en-us/library/cc733991.aspx
If the issue persists, open Active Directory Users and Computers, right-click the user account, select Properties, click Account tab, select the check box Use DES encryption types for this account under Account options. After that, change the password again and check the result.
Hope it helps.
Monday, September 7, 2009 1:17 PM
Was there ever a fix for this? having the same issue
Friday, January 22, 2010 10:05 PM
I raised the Domain Functional Level to 2008 native and worked. No other solution found... It's time to upgrade all DCs to 2008...godog
Tuesday, February 2, 2010 8:48 PM
Were you ever able to fix this, without raising the functional level of the domain? I have attempted all of the fixes that are outlined here to no again.
Wednesday, February 3, 2010 2:07 PM
the actual message is being generated on a BlackBerry Enterprise Server. It is as follows:
javax.security.auth.login.LoginException: _performLogin LOGIN ERROR: login returned exception (invalid authentication) com.rim.bes.bas.pluginmanager.InvalidAuthenticationException: Message: 'LOGIN ERROR: loginLocal failed to authenticate user bestest1 in domain casham.com, KDC=DC.domain.com javax.security.auth.login.LoginException: KDC has no support for encryption type (14)', nested exception: 'KDC has no support for encryption type (14)'
The DC that is acting as a KDC in this instance is 2K8. The environment is Windows Server 2003 functional level, with mixed DC's.
Wednesday, June 9, 2010 9:04 PM
Joson Zhou's method can fix this issue perfectly!
Thursday, February 28, 2019 11:24 AM
Facing similar issue. Has this been ever resolved? Appreciate the help in advance.