Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-3616: Unable to enroll devices with FIPS enabled

Centrify Identity Service, App Edition ,  

12 April,16 at 11:47 AM

Applies to: Centrify Identity Service

Problem:
After installation of the Centrify Cloud Management Suite, the Connection tests for Certificates and Cloud to Proxy Communications checks will fail. Device enrollment attempts will not complete and the following error is displayed: 

"Warning: network environment validation has failed for one or more required portions. This environment may not be appropriately configured to support the Cloud Proxy Server component at this time" 

 

 

 

 

 

 

 

 

 

 

 

 

 




 




Cause:
This error can be displayed if System Cryptography: use FIPS compliant algorithm is enabled in Group Policy. The Centrify Cloud Proxy is not currently FIPS compatible 

Solution:
The System Cryptography: use FIPS compliant algorithm option must be disabled in Group Policy to allow Cloud to Proxy server communications. FIPS can be disabled by performing the following: 

1. Open Group Policy Management and edit the Default Domain Policy GPO

2. In the Group Policy Management Editor, navigate to:

  Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options > System Cryptography: Use FIPS compliant algorithms for encryption, hashing and signing

3. Disable the policy for FIPS

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.