Invalid login error is show when FAS is enabled on Rocky Linux 9.2

Invalid login error is show when FAS is enabled on Rocky Linux 9.2

book

Article ID: CTX629976

calendar_today

Updated On:

Description

  • You deploy Rocky Linux 9.x
  • FAS is configured and works fine on other OS like Windows, Ubuntu
  • Issue is seen only with RHEL 9.x or Rocky Linux 9.x
  • Invalid login prompt is thrown.
  • Preauthentication errors are noticed in ctxkrb debug tool when installed for debug purposes on the Linux VDA

Environment

Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.

Resolution

Run the following command on the Rocky Linux/RHEL Linux 9.x version

update-crypto-policies --set DEFAULT:SHA1

Reboot the VDA

Problem Cause

The cryptographic policies are hardened in RHEL 9.x version per the article - https://access.redhat.com/documentation/fr-fr/red_hat_enterprise_linux/9/html/security_hardening/proc_re-enabling-sha-1_using-the-system-wide-cryptographic-policies

Powered by Wolken Software