RHEL integrate with AD error - KDC has no support for encryption type while getting initial credentials

Solution Verified - Updated -

Issue

  1. RHEL 8 clients joined to AD and the integration was working before November 2022.

  2. During or after November 2022, AD users started to have issues in logging in RHEL clients and this error is observed:

# kinit -k 'RHEL-HOST$@AD.EXAMPLE.COM'
kinit: KDC has no support for encryption type while getting initial credentials
  1. The issue still persists even after running this command on RHEL 8 clients:
# update-crypto-policies --set DEFAULT:AD-SUPPORT

Environment

  • Red Hat Enterprise Linux 8
  • Active Directory Domain Controllers with patches CVE-2022-37967, CVE-2022-38023 and CVE-2022-37966

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content