Newly MCS created LVDA machines are unregistered due to missing /etc/krb5.keytab file

Newly MCS created LVDA machines are unregistered due to missing /etc/krb5.keytab file

book

Article ID: CTX483261

calendar_today

Updated On:

Description

krb5.keytab has not been created due to timeout.
 

Error in ad_join.log:

Updating /etc/krb5.keytab

Retry time: 1, sleeping 2 seconds before creating keytab file...

kerberos_kinit_password XXXXX$@XXXX.COM failed: Client not found in Kerberos database

Error: Kerboros keytab creation failed!

Retry time: 2, sleeping 2 seconds before creating keytab file...

kerberos_kinit_password XXXXX$@XXXX.COM failed: Client not found in Kerberos database

kerberos_kinit_password XXXXX$@XXXX.COM failed: Client not found in Kerberos database

Error: Kerboros keytab creation failed!

Retry time: 3, sleeping 2 seconds before creating keytab file...

kerberos_kinit_password XXXXX$@XXXX.COM failed: Client not found in Kerberos database

kerberos_kinit_password XXXXX$@XXXX.COM failed: Client not found in Kerberos database

Error: Kerberos keytab creation failed!

Resolution

Extend the timeout value by editing /var/xdl/mcs/mcs_util.sh:
1. Locate "Sleep 2" under "log_echo "Retry time: $retry_num, sleep 2..."
2. Modify "Sleep 2" to "Sleep 20"
3. Extend the timeout from 2 seconds to 20 seconds.

Problem Cause

The creation process of krb5.keytab has timed out exceeding the default timeout value. 

 

Powered by Wolken Software