KDC has no support for encryption type (14)
Stab in the dark here on the correct forum so apologies if not correct.I have a Windows Server 2008 Domain running in mixed mode with Server 2003 R2 domain members. We are currently testing RIMs Blackberry Enterprise solution and receiving KDC has no support for encryption type (14) in some of the application logs.I understand this is related to the mixed environment because Ive read it works on Native 2008 and Native 2003. RIM offer no support and claim its a Java and KDC issue.Is there away to fix this I have tried a reg key that sets allowtgtsessionkey = 1 in Kerberos Parameters in the Reg.Thanksmkc
May 14th, 2009 4:55pm

Hi, Please change the password of the user account to see if the issue goes away. Event ID 14 Kerberos Key Integrity http://technet.microsoft.com/en-us/library/cc733991.aspx If the issue persists, open Active Directory Users and Computers, right-click the user account, select Properties, click Account tab, select the check box Use DES encryption types for this account under Account options. After that, change the password again and check the result. Hope it helps.
Free Windows Admin Tool Kit Click here and download it now
May 19th, 2009 6:26am

Was there ever a fix for this? having the same issue
September 7th, 2009 4:17pm

I raised the Domain Functional Level to 2008 native and worked. No other solution found... It's time to upgrade all DCs to 2008...godog
Free Windows Admin Tool Kit Click here and download it now
January 23rd, 2010 1:05am

Were you ever able to fix this, without raising the functional level of the domain? I have attempted all of the fixes that are outlined here to no again.
February 2nd, 2010 11:48pm

is it 2K8 or 2K8R2? if you can get a network capture of the failure on the dc and the client let me know and we can take a look and let you know what's going on./richhttp://cbfive.com/blog
Free Windows Admin Tool Kit Click here and download it now
February 3rd, 2010 10:16am

the actual message is being generated on a BlackBerry Enterprise Server. It is as follows:javax.security.auth.login.LoginException: _performLogin LOGIN ERROR: login returned exception (invalid authentication) com.rim.bes.bas.pluginmanager.InvalidAuthenticationException: Message: 'LOGIN ERROR: loginLocal failed to authenticate user bestest1 in domain casham.com, KDC=DC.domain.com javax.security.auth.login.LoginException: KDC has no support for encryption type (14)', nested exception: 'KDC has no support for encryption type (14)'The DC that is acting as a KDC in this instance is 2K8. The environment is Windows Server 2003 functional level, with mixed DC's.
February 3rd, 2010 5:07pm

thanks kulasti, can you get a network trace on both ends during the failure event?/richhttp://cbfive.com/blog
Free Windows Admin Tool Kit Click here and download it now
February 4th, 2010 4:39pm

Joson Zhou's method can fix this issue perfectly!
June 10th, 2010 12:04am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics