Hello, let me try to sum this up and excuse the long post.
We've had BI 4.2 installed for years now with SSO with Windows Active Directory working great, Manual AD Login and SSO.

One of our Network guys commented that he was seeing a few users in SPLUNK using RC4/0x17 encryption coming from our BI/BOBJ Server. After a bit of testing, I noticed that it was when a user was doing a Manual AD Login SPLUNK was picking up their AD Login with RC4/0x17. SPLUNK was also picking up our AD BICMS Service User with RC4/0x17 for anyone that was using SSO non-manual login.

I hit the interwebs and found the new snote: 2629070. I stepped thru this note and it was pretty much the same steps we did in the past. Except in the past, we could never get the BISSO.keytab file to work, we just had the password in the tomcat config.

I did get the keytab file to work this time following 2629070, but manual users and Service user were still showing in SPLUNK as using RC4/0x17. Long story short, i did finally get the Manual AD Login as well as SSO to work with ASE256/0x12 encryption.

The Issue that I am having now, is that the AD Alias Updates and AD Groups Update Jobs are running but they are using RC4/0x17 encryption. (CMC | Authentication | Windows AD)

Does anyone know where these jobs are stored and how I can make force/them use ASE256/0x12 encryption?

Thanks for your help.