(FAQ)部分域用户登录EAS Cloud客户端和登录WEB平台认证失败

(FAQ)部分域用户登录EAS Cloud客户端和登录WEB平台认证失败
原因分析： KDC（AD域服务器）不支持某种加密算法所致。 解决方法： 可参照如下连接解决。http://download.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/Troubleshooting.html 如下部分： • javax.security.auth.login.LoginException: KrbException: KDC has no support for encryption type (14) - KDC has no support for encryption type Cause 1: Your KDC does not support the encryption type requested. Solution 1: Sun's implementation of Kerberos supports the following encryption types: des-cbc-md5, des-cbc-crc and des3-cbc-sha1. Applications can select the desired encryption type by specifying following tags in the Kerberos Configuration file krb5.conf: [libdefaults] default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 If not specified, the default value is: des-cbc-md5 des-cbc-crc des3-cbc-sha1 Cause 2: This exception is thrown when using native ticket cache on some Windows platforms. Microsoft has added a new feature in which they no longer export the session keys for Ticket-Granting Tickets (TGTs). As a result, the native TGT obtained on Windows has an "empty" session key and null EType. The effected platforms include: Windows Server 20