...
- Enable AES encryption on the PreAuth and SSO users.
- Modify the krb5.config file: Delete the insecure ciphers RC4-HMAC and 3DES-HMAC.
Customise krb5.config (unsafe)
Open the krb5.config file and add the parameter allow_weak_crypto=true to the second line of the file.