search cancel

Kerberos authentication scheme failing after upgrading Access Gateway

book

Article ID: 253822

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder)

Issue/Introduction

After an upgrade of Access Gateway, Kerberos authentication is failing and forms auth is being used.

In the smps.log,

"Failed to initialize authentication scheme 'internal-SPS-kerberos-AuthScheme'"

And

In the smtracedefault.log,

"Kerberos Login Failed: Pre-authentication failed: Key table file '/etc/krb5.keytab' not found"

Environment

Release : 12.8

Cause

The policy server is not able to find the keytab file.


Resolution

Ensure that:

1. The file exists in the path.

2. Permissions on the file are correct for the account running the policy server.

3. The environment pathing is correct so the file can be located by the service.