Troubleshooting Kerberos Related Products
Troubleshooting Using the pamkrbval Tool
Table | Error Messages that Appear During keytab Validation | ||
|
|
| |
Error/Warning Messages | Reason for Message | Troubleshooting | |
|
|
| |
pamkrbval: Key version | The key has been | • Extract the key from the | |
number for principal in | changed on the server | Kerberos Server using the | |
key table is incorrect | but has not been | kadminl tool and copy it to | |
while reading request | updated in the user’s | your system. | |
[FAIL]: The keytab | system. | • In a CIFS environment, | |
validation failed |
| ||
|
|
| update the keytab file |
|
|
| with the current service |
|
|
| key by regenerating the |
|
|
| keytab file again. Execute |
|
|
| the following command to |
|
|
| regenerate the keytab file: |
|
|
| net ads keytab create |
|
|
| administrator |
|
|
| |
pamkrbval: Decrypt | The key has been | • Extract the key from the | |
integrity check failed | changed on the server | Kerberos Server using the | |
While getting TGT | but has not been | kadminl tool and copy it to | |
[FAIL]: The keytab | updated in the user’s | your system. | |
validation failed | system. | • In a CIFS environment, | |
|
|
| |
|
|
| update the keytab file |
|
|
| with the current service |
|
|
| key by regenerating the |
|
|
| keytab file again. Execute |
|
|
| the following command to |
|
|
| regenerate the keytab file: |
|
|
| net ads keytab create |
|
|
| administrator |
|
|
|
|
Chapter 4 | 103 |