Code 403 (Forbidden) when you use Azure Seamless Single Sign-On on Windows 10
This article can help you resolve a problem in which you receive Code 403 (Forbidden) when using Azure Seamless Single Sign-On on Windows 10.
Original product version: Microsoft Entra ID, Windows 10
Original KB number: 4135083
Symptoms
The Azure Seamless Single Sign-On authentication does not work after you upgrade to Windows 10. When this problem occurs, you may receive the following error message:
Integrated Windows Authentication failed with status code 403 (Forbidden).
Resolution
To resolve this problem, follow these steps:
Check the following Group Policy object, and make sure that it is set to not defined:
Network security: Configure encryption types allowed for Kerberos
If you update the Group Policy setting, run
gpupdate /forceto push the changes to the devices.Start Registry Editor, and browse to the following subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\kerberos\parametersDelete the
supportedencryptiontypesDWORD entry if it exists.Restart the device.
Contact us for help
If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for