Single Sign-On Authentication Failure (Negotiation Error Encryption)
Log file message:
INFORM requesthandler 408053:(Single Sign-On) Negotiation reported an error: "Failure unspecified at GSS-API level (Mechanism level: Encryption type RC4 with HMAC is not supported/enabled)". WARN requesthandler 408058 : (Single Sign-On) Failed authentication because of an negotiation error. Refer to single sign-on documentation for resolution.
Cause
The domain controller allows RC4 encryption while FME Flow does not.
Resolution
Allow FME Flow to use less secure encryption:
- On the FME Flow machine navigate to <FMEFlowDir>\Utilities\jre\conf\security
- Create a new file called krb5.conf
- Edit the new file with the following text and save:
- Restart FME Flow.
[libdefaults]
allow_weak_crypto = true