<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

RC4_HMAC_MD5 Encryption for ADSSO and Microsoft Office 365 Silent Activation

Last Updated:

Okta Classic Engine
Okta Identity Engine
Directories

Overview

As of October 5, 2023, Okta no longer supports RC4_HMAC_MD5 encryption for Agentless Desktop Single Sign-On (ADSSO) and Silent Activation for Microsoft Office 365. Any users in orgs still using RC4_HMAC_MD5 encryption will have their authentication blocked in ADSSO and Office 365 Silent Activation flows.

Applies To

  • Agentless Desktop Single Sign-On (ADSSO) 
  • Microsoft Office 365 (O365) Silent Activation

Solution

If using ADSSO and Office 365 Silent Activation, update the encryption method from RC4_HMAC_MD5 to one of the alternate, supported encryption methods. Okta recommends using AES 128-bit (AES-128) or AES 256-bit (AES-256) encryption.

To make this change, use a local security policy to change the encryption settings of a single computer or server. Alternatively, implement a group policy to apply the encryption settings to multiple servers or computers in the domain, including domain controllers.

For a detailed guide, please review the article Configuration Steps to Update to AES Due to End-of-Life RC4_HMAC_MD5 Encryption for ADSSO and Silent Activation.

Recommended content

Still looking for help?
Loading
Okta Support - RC4_HMAC_MD5 Encryption for ADSSO and Microsoft Office 365 Silent Activation