Users are authenticating from remote AD server not local

Error -: The user failed to get authenticated to VSYADS001, which may be caused by error KRB_ERROR_KDC_S_PRICIPAL_UNKNOWN.

 

For the error, it may be caused by SPN (service principal name) unknown, which may happen when SPN was registered wrongly or wasn’t registered.

 

To fix the issue, please follow the below steps.

  1. Logon XXXADS001 and run the command to check whether SPN krbtgt/NT Authority has been registered.

setspn -q HOST/SADS001

  1. If SPN krbtgt/NT Authority has not been registered, please run the following command

setspn -s krbtgt/NT Authority SYADS001

  1. If SPN krbtgt/NT Authority has been registered wrongly, please run the following command to delete and reset

setspn -d wrongname SYADS001

setspn -s krbtgt/NT Authority SYADS001


By at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Featured Post

HPE MSA 2040 configuration step by step

HPE MSA 2040 configuration Default IP range for HP SAN storage MSA 2040 is 10.0.0.1/2 You need to connect your laptop and storage with...