Errors logging in with Kerberos after Security Prinicpal password modified

  • 7024086
  • 23-Aug-2019
  • 23-Aug-2019


ZENworks Configuration Management 2017 Update 4


After changing password of the user principal in Active directory users can't login to ZENworks using Kerberos.

ERROR (from ats.log):

[ATS] [123] [zenworks] [CASAServer] [] [(ClientAddr=] [authtoksvc.Krb5Authenticate] [] [] [CASA]
[ATS] [123] [zenworks] [CASAServer] [] [(ClientAddr= Constructor()- GSS Exception caught: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)] [authtoksvc.Krb5Authenticate$Krb5Token] [] [] [CASA]
[ATS] [123] [zenworks] [CASAServer] [] [(ClientAddr= Exception: java.lang.Exception: Authentication Failure] [authtoksvc.Krb5Authenticate] [] [] [CASA]
[ATS] [123] [zenworks] [CASAServer] [] [(ClientAddr= identId not resolved] [authtoksvc.Authenticate] [] [] [CASA]


If the security principal password changes, a new keytab file must be created and uploaded to ZCC per the documentation.