search cancel

Unable to log in to Data Loss Prevention Enforce console

book

Article ID: 174793

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

New Users accounts unable to log into Data Loss Prevention (DLP) Enforce console. 

Message error:

Invalid Username or Password Disabled.

 

Cause

Need to use Kinit tool to find the root of the issue.

For Windows Environment:

SymantecDLP\jre\bin

kinit USER PASSWORD (in clear text)

For Linux installations:

the utility is part of the Red Hat Enterprise Linux distribution, and is in the following location: /usr/kerberos/bin/kinit. You can also download Java SE 6 and locate the kinit tool in \java_home\jdk1.6.0\bin.

If you run the Enforce Server on Linux, use the kinit utility to test access from the Enforce Server to the Active Directory server. Rename the krb5.ini file as krb5.conf. The kinit utility requires the file to be named krb5.conf on Linux.

Error Message:

KRB_Error 24 Pre-Authentication information was invalid (24)

Environment

Windows and Linux Environment.

Resolution

The Enforce Server and AD Server had different timestamp and that difference was greater than 5 minutes.

Addressed by manually time synched.

Attachments