Skip to Content
author's profile photo Former Member
Former Member

AES256 for SSO keytab

I have set up silent SSO for Crystal Reports Server 2013 (essentially the same as BI 4.1) on Windows Server 2008 and it is working using the wedgetail parameter in the Java options in tomcat, and the following lines in the krb5.ini file:

default_tgs_enctypes = rc4-hmac

default_tkt_enctypes = rc4-hmac

The next step is to take the password out of the Java parameters and set up a keytab file, but the installation standard is to use AES 256 encryption.

My questions are:
1. Is it possible to use AES encryption? I know it was not supported in the past, and
2. If AES can be used, what are the substitutions needed in krb5.ini and the ktpass command? (The ktpass command has a -crypto parameter with a value of AES256-SHA1 that I assume would be the one I need).

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Mar 31, 2014 at 11:55 AM


    I think That using AES encryption is not actually directly related to BI Business Objects version used,

    but to the Domain controller system version used for BO AD authentication as explained in Cause

    section of this KBA 1198748 - Active Directory (AD) authentication is not enabled even though it is configured for Java InfoView

    Thanks and Regards,


    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.