Restoring failed state of VCF Automation using Fleet manager results in an interruption to the PowerShell plugin authenticating using Kerberos.

Error in (Workflow:Invoke a PowerShell script / Invoke script (item0)#4) Invalid name provided (Mechanism level: KrbException: Cannot locate default realm)
INFO WinRM Error

VCF Automation 9.0.x

Kerberos configuration (`krb5.conf`) is not being backed up and, consequently, is not restored.

This is a known issue and going to be fixed in VCF Automation 9.2

Workarounds:

1. Manual Restore: Create the krb5.conf file manually either using nano or cat
   
   1. Get the vmware-system-user password and ssh into VCFA appliance: Get SSH Password for VCF Automation 9.0.x or VCF Identity Broker 9.0.x
   2. Login as root: 

      sudo -i

   3. Define the Kubernetes config file:

      export KUBECONFIG=/etc/kubernetes/admin.conf

   4. Login into the vco-app container:

      kubectl -n prelude exec -it vco-app-0 -c vco-server-app -- bash

   5. Create the /usr/lib/vco/app-server/conf/krb5.conf file: 

      touch /usr/lib/vco/app-server/conf/krb5.conf

   6. Put the krb5.conf content into the file
      1. (Option 1) Using nano:

         nano /usr/lib/vco/app-server/conf/krb5.conf

      2. (Option 2) Using cat:

         cat << EOF > /usr/lib/vco/app-server/conf/krb5.conf
         [libdefaults]
           default_realm = YOURDOMAIN.COM
         [realms]
           YOURDOMAIN.COM = {
             kdc = dc.yourdomain.com
             default_domain = yourdomain.com
           }
         [domain_realm]
           .yourdomain.com=YOURDOMAIN.COM
           yourdomain.com=YOURDOMAIN.COM
         EOF

   7. (For clustered environments)
      Repeat Steps 4, 5, 6 for vco-app-1, vco-app-2
2.  Permanent Fix: Switch to an external Orchestrator, which will preserve the krb5.conf file during backup and restore.