Kerberos error : Could not retrieve proxy ticket from KDC for domain (UNAB)
search cancel

Kerberos error : Could not retrieve proxy ticket from KDC for domain (UNAB)

book

Article ID: 277739

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

Having this error

ServerName uxauthd[5174]: Internal credentials cache error when initializing cache /opt/CA/uxauth/etc/uxauth.cc-zzz.private
ServerName uxauthd[5174]: Could not retrieve proxy ticket from KDC for domain 'domain.private', error = -1765328188.
ServerName uxauthd[5174]: Error while creating a Ticket Granting Ticket. Detailed info: Internal credentials cache error.
                          Enable agent debugging with the 'debug_level' token and check later the 'agent_debug' file
                          for details.
ServerName uxauthd[5174]: failed to complete initialization. Exiting
ServerName uxauthd[5506]: UNAB Agent daemon failed to start. Please see logfile /tmp/uxauthd.run_4837

Environment

UNAB + PAMSC 14.1 cp04

Cause

kerberos error about the ticket, likely because you have changed the FQDN

environment not moving between kerberos realms or different domains

Resolution

You need to execute this commands on UNAB endpoint


uxconsole -krb -destroy

to clear the kerberos cache

then

uxconsole -register (with whatever options)

and then

uxconsole -krb -init

to initialize kerberos cache and ticket

Powered by Wolken Software