An AD Gateway has been added and the Topology Status went to Complete. After an arbitrary amount of time the status changes to Failed. It may take a week before it fails, and re-running the topology does not resolve the issue.

AD Gateway process token, and associated Kerberos ticket, expire and are not automatically renewed.

Our Engineering team is investigating this issue and will update this document when a solution becomes available. 

To work around this issue please do one of the following on the AD Gateway device:

• Schedule a daily or weekly task (depending on ticket expiration) to run: smc -restart
• Schedule reboots to occur prior to ticket expiration

CRE-11000