BO 4.3 Windows AD SSO does not work

Hi All,

We are going through BO 4.3 upgrade and decided to do a side by side installation. We have faced nothing but nightmares with the new 4.3 upgrade. We are facing this sso issue for a few weeks now and after not getting proper support from SAP and keep getting sent KBAs, we are turning to the community to see if someone can help or may have ideas or solution for us. We are on Windows server 2016 standard and BO 4.3 SP2 Patch 9. Version: 14.3.2.4469. We have followed the below KBA from A to Z every single step and we currently have our DEV, TEST, and PRD 4.2 environments fully functional with AD SSO enabled.

2629070 - How to Securely Integrate BI 4.2 or 4.3 with Windows Active Directory and SSO in Distributed Environments - Best Practices

SAP Knowledge Base Article, Version: 43, Released On: 16.03.2023

I can provide the logs from stderr.log from tomcat/logs directory but the two errors that we are seeing are:

KrbException: KDC has no support for encryption type (14) (This is in the stderror.log)

and the other error we see when we try to manually enter windows credentials on BILaunchpad with windows ad selected in authentication box is:

Account information not recognized: The Active Directory Authentication plugin could not authenticate at this time. Please try again. If the problem persists, please contact your technical support department. (FWM 00005)

We are really at a loss here and not sure what to do and where to go from here. Would someone chime in and point us in the right direction?