Code 403 (Forbidden) when you use Azure Seamless Single Sign-On on Windows 10

This article can help you resolve a problem in which you receive Code 403 (Forbidden) when using Azure Seamless Single Sign-On on Windows 10.

Original product version:   Microsoft Entra ID, Windows 10
Original KB number:   4135083


The Azure Seamless Single Sign-On authentication does not work after you upgrade to Windows 10. When this problem occurs, you may receive the following error message:

Integrated Windows Authentication failed with status code 403 (Forbidden).


To resolve this problem, follow these steps:

  1. Check the following Group Policy object, and make sure that it is set to not defined:

    Network security: Configure encryption types allowed for Kerberos

    If you update the Group Policy setting, run gpupdate /force to push the changes to the devices.

  2. Start Registry Editor, and browse to the following subkey:


  3. Delete the supportedencryptiontypes DWORD entry if it exists.

  4. Restart the device.

Contact us for help

If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.