Symantec Access Management

  • Private Community

  • 1.  Failed to initialize authentication scheme 'Kerberos-pp

    Posted Feb 21, 2019 05:03 AM

    I have followed all the documents mentioned in this community.

    KVNO = Matches

    KRB5_CONFIG = variable is set in .bash_profile

    krb5.conf/ini is configured as per the document with all the required parameters

    Auth Scheme is set with smps/FQDN@domain

    HTTPPrincipal is set with HTTP/FQDN@domain

    smpsprincipal is set with smps@FQDN

     

    Realms,Rules and policies are set.

     

    Our Environment

     

    CA SSO12.8.SP1

    CA Access Gateway

    AD 2012

     

     

    When i try to kerberos protected, i get the below error in smtracedefault.log

     

    [02/21/2019][10:10:51.336][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][][][][][][][][][][][][][][][][][][][**.***.***.**][Receive request attribute 208, data size is 13]
    [02/21/2019][10:10:51.336][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][][][][][][][][][][][][][][][][][][][1796e395-44fe4673-b969ca55-03517281-ecbcd0a4-618c][Receive request attribute 221, data size is 49]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][vm-ppweb-11][Receive request attribute 200, data size is 38]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][https://sts.id-test***.***][Receive request attribute 217, data size is 27]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][/krb/kerbtest.html][Receive request attribute 201, data size is 18]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][GET][Receive request attribute 202, data size is 3]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][06-000f30cd-bd0d-1c6a-be58-700a0acd0000][Receive request attribute 204, data size is 39]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][][Receive request attribute 205, data size is 0]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][][Receive request attribute 209, data size is 0]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][][Receive request attribute 212, data size is 4]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][josch***.***][Receive request attribute 210, data size is 16]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][** Not Shown **][Receive request attribute 211, data size is 2412]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][FALSE][Receive request attribute 134, data size is 5]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][AgentAuth.cpp:91][CSm_Auth_Message::ProcessAgentMessage][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][][][][][][][][][][][][][][][][][][** Received request from agent]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][AgentAuth.cpp:330][CSm_Auth_Message::AnalyzeAgentAuthMessage][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::AnalyzeAgentAuthMessage]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][AgentAuth.cpp:403][CSm_Auth_Message::AnalyzeAgentAuthMessage][][][][][][][][][][][][][true][][][][][][][][Leave function CSm_Auth_Message::AnalyzeAgentAuthMessage]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:748][CSm_Auth_Message::AuthenticateUser][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::AuthenticateUser]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:780][CSm_Auth_Message::AuthenticateUser][1796e395-44fe4673-b969ca55-03517281-ecbcd0a4-618c][sts.id-test***.***:443-vm-ppweb-10-11][/krb/kerbtest.html][josch@***.***][][Kerberos-PP-***.***-Allow GP][sts.id-test***.***][][][][][][][][][][][][][][Authenticating user.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:839][CSm_Auth_Message::AuthenticateUser][][][][][][][][][][][][][][][][][][][][][IPCheck is NOT enabled for the AuthScheme.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmAuthUser.cpp:6269][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmAuthUser.cpp:6286][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][ok][][][][][][][][Leave function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:552][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:643][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][ok][][][][][][][][Leave function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmAuthUser.cpp:4018][CSmAuthUser::AuthenticateUserDir][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::AuthenticateUserDir]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsObj.cpp:75][CSmDsObj::CSmDsObj][][][][][][][][][][][][][][][][][][][LDAP:][][Start of call LookupProvider.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:131][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:233][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][Ok][][][][][][][][Leave function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsObj.cpp:77][CSmDsObj::CSmDsObj][][][][][][][][][][][][][Ok][][][][][][][][Return from call LookupProvider.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsDir.cpp:66][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][About to initialize directory, Oid='0e-0003edbc-2f06-1b47-bec5-700a0acd0000', Name='LDAP MP2.0 - ST'][][Start of call InitDir.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsLdapProvider.cpp:1518][CSmDsLdapProvider::InitDir][][][][][][][][][][][][][][][vm-ppldap-3-4-vip***.***][61300][][][][][Using LDAP server bank #1]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsDir.cpp:81][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][][][Return from call InitDir.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsObj.cpp:94][CSmDsObj::IsValid][][][][][][][][][][][][][][][][][][][][][Start of call IsValid.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsObj.cpp:96][CSmDsObj::IsValid][][][][][][][][][][][][][1][][][][][][][][Return from call IsValid.]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsDir.cpp:1080][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][SmDsDir.cpp:1082][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][9][][][][][][][][Leave function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][smauthkerberos.cpp:183][SmAuthInit][][][][][][][][][][][][][][][][][][][][][Enter function SmAuthInit]
    [02/21/2019][10:10:51.337][10:10:51][40062][139676180944640][smauthkerberos.cpp:207][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Establishing Kerberos Principal smps/no1-ppsmpol-1.bbsas.no@***.***]
    [02/21/2019][10:10:51.343][10:10:51][40062][139676180944640][smauthkerberos.cpp:234][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Kerberos Login Failed: Internal credentials cache error (filename: /tmp/krb5cc_21154)]
    [02/21/2019][10:10:51.343][10:10:51][40062][139676180944640][smauthkerberos.cpp:243][SmAuthInit][][][][][][][][][][][][][1][][][][][][][][Leave function SmAuthInit]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmAuthServer.cpp:377][][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR:[sm-Server-02960] Failed to initialize authentication scheme 'sts.id-test***.***-Kerberos-pp']
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmAuthUser.cpp:4092][CSmAuthUser::AuthenticateUserDir][][][][josch***.***][][][][][][][][][false][][][][][][][][Cannot init Auth scheme. leave function.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:89][CSmDsDir::~CSmDsDir][][][][][][][][][][][][][][][][][][][Release DS Provider handle.][][Start of call Release.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:91][CSmDsDir::~CSmDsDir][][][][][][][][][][][][][][][][][][][][][Return from call Release.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmAuthUser.cpp:6269][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmAuthUser.cpp:6286][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][ok][][][][][][][][Leave function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:552][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:643][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][ok][][][][][][][][Leave function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmAuthUser.cpp:4018][CSmAuthUser::AuthenticateUserDir][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::AuthenticateUserDir]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsObj.cpp:75][CSmDsObj::CSmDsObj][][][][][][][][][][][][][][][][][][][LDAP:][][Start of call LookupProvider.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:131][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:233][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][Ok][][][][][][][][Leave function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsObj.cpp:77][CSmDsObj::CSmDsObj][][][][][][][][][][][][][Ok][][][][][][][][Return from call LookupProvider.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:66][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][About to initialize directory, Oid='0e-000931a2-893f-18b9-81f8-700b0acd767f', Name='NetsOnline UserStore'][][Start of call InitDir.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsLdapProvider.cpp:1518][CSmDsLdapProvider::InitDir][][][][][][][][][][][][][][][vm-ppldap-3-4-vip***.***][61500][][][][][Using LDAP server bank #1]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:81][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][][][Return from call InitDir.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsObj.cpp:94][CSmDsObj::IsValid][][][][][][][][][][][][][][][][][][][][][Start of call IsValid.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsObj.cpp:96][CSmDsObj::IsValid][][][][][][][][][][][][][1][][][][][][][][Return from call IsValid.]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:1080][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][SmDsDir.cpp:1082][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][9][][][][][][][][Leave function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][smauthkerberos.cpp:183][SmAuthInit][][][][][][][][][][][][][][][][][][][][][Enter function SmAuthInit]
    [02/21/2019][10:10:51.344][10:10:51][40062][139676180944640][smauthkerberos.cpp:207][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Establishing Kerberos Principal smps/no1-ppsmpol-1***.***@***.***]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][smauthkerberos.cpp:234][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Kerberos Login Failed: Internal credentials cache error (filename: /tmp/krb5cc_21154)]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][smauthkerberos.cpp:243][SmAuthInit][][][][][][][][][][][][][1][][][][][][][][Leave function SmAuthInit]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmAuthServer.cpp:377][][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR:[sm-Server-02960] Failed to initialize authentication scheme 'sts.id-test***.***-Kerberos-pp']
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmAuthUser.cpp:4092][CSmAuthUser::AuthenticateUserDir][][][][josch***.***][][][][][][][][][false][][][][][][][][Cannot init Auth scheme. leave function.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:89][CSmDsDir::~CSmDsDir][][][][][][][][][][][][][][][][][][][Release DS Provider handle.][][Start of call Release.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:91][CSmDsDir::~CSmDsDir][][][][][][][][][][][][][][][][][][][][][Return from call Release.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmAuthUser.cpp:6269][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmAuthUser.cpp:6286][CSmAuthUser::InitRequestContext][][][][][][][][][][][][][ok][][][][][][][][Leave function CSmAuthUser::InitRequestContext]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:552][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:643][CSm_Auth_Message::BreakupPassword][][][][][][][][][][][][][ok][][][][][][][][Leave function CSm_Auth_Message::BreakupPassword]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmAuthUser.cpp:4018][CSmAuthUser::AuthenticateUserDir][][][][][][][][][][][][][][][][][][][][][Enter function CSmAuthUser::AuthenticateUserDir]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsObj.cpp:75][CSmDsObj::CSmDsObj][][][][][][][][][][][][][][][][][][][LDAP:][][Start of call LookupProvider.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:131][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsProviderMap.cpp:233][CSmDsProviderMap::LookupProvider][][][][][][][][][][][][][Ok][][][][][][][][Leave function CSmDsProviderMap::LookupProvider]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsObj.cpp:77][CSmDsObj::CSmDsObj][][][][][][][][][][][][][Ok][][][][][][][][Return from call LookupProvider.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:66][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][About to initialize directory, Oid='0e-000d6db7-50ed-1a04-abe4-700a0acd5a5a', Name='NET PP LDAP'][][Start of call InitDir.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsLdapProvider.cpp:1518][CSmDsLdapProvider::InitDir][][][][][][][][][][][][][][][vm-ppldap-3-4-vip***.***][61560][][][][][Using LDAP server bank #1]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:81][CSmDsDir::CSmDsDir][][][][][][][][][][][][][][][][][][][][][Return from call InitDir.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsObj.cpp:94][CSmDsObj::IsValid][][][][][][][][][][][][][][][][][][][][][Start of call IsValid.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsObj.cpp:96][CSmDsObj::IsValid][][][][][][][][][][][][][1][][][][][][][][Return from call IsValid.]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:1080][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][][][][][][][][][Enter function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][SmDsDir.cpp:1082][CSmDsDir::GetDirectoryVersionInfo][][][][][][][][][][][][][9][][][][][][][][Leave function CSmDsDir::GetDirectoryVersionInfo]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][smauthkerberos.cpp:183][SmAuthInit][][][][][][][][][][][][][][][][][][][][][Enter function SmAuthInit]
    [02/21/2019][10:10:51.350][10:10:51][40062][139676180944640][smauthkerberos.cpp:207][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Establishing Kerberos Principal smps/no1-ppsmpol-1***.****@****.****]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][smauthkerberos.cpp:234][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Kerberos Login Failed: Internal credentials cache error (filename: /tmp/krb5cc_21154)]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][smauthkerberos.cpp:243][SmAuthInit][][][][][][][][][][][][][1][][][][][][][][Leave function SmAuthInit]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthServer.cpp:377][][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR:[sm-Server-02960] Failed to initialize authentication scheme 'sts.id-test***.***-Kerberos-pp']
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthUser.cpp:4092][CSmAuthUser::AuthenticateUserDir][][][][josch***.***][][][][][][][][][false][][][][][][][][Cannot init Auth scheme. leave function.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1414][CSmAz::IsOk][][][][][][][][][][][][][][][][][][][][][Enter function CSmAz::IsOk]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1453][CSmAz::IsOk][][][][josch***.***][][Kerberos-PP-***.***-Allow GP][sts.id-test***.***][][][][][][][][][][][][][][Start of user policy analysis for realm.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1854][CSmAz::IsOk][][][][][][][][][][][][][][No applicable Policy found. ][][][][][][][IsOk? No.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1856][CSmAz::IsOk][][][][][][][][][][][][][false][][][][][][][][Leave function CSmAz::IsOk]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:2303][CSmAz::IsOkGlobal][][][][][][][][][][][][][][][][][][][][][Enter function CSmAz::IsOkGlobal]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:2325][CSmAz::IsOkGlobal][][][][josch***.***][][Kerberos-PP-***.***-Allow GP][sts.id-test***.***][][][][][][][][][][][][][][Evaluating OnAuthAttempt global policies in the realm.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1414][CSmAz::IsOk][][][][][][][][][][][][][][][][][][][][][Enter function CSmAz::IsOk]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1453][CSmAz::IsOk][][][][josch***.***][][Kerberos-PP-***.***-Allow GP][sts.id-test***.***][][][][][][][][][][][][][][Start of user policy analysis for realm.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1854][CSmAz::IsOk][][][][][][][][][][][][][][No applicable Policy found. ][][][][][][][IsOk? No.]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:1856][CSmAz::IsOk][][][][][][][][][][][][][false][][][][][][][][Leave function CSmAz::IsOk]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][SmAuthorization.cpp:2339][CSmAz::IsOkGlobal][][][][][][][][][][][][][0][][][][][][][][Leave function CSmAz::IsOkGlobal]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:104][g_ServerTrace][][][][][][][][][][][][][][][][][][][][Cleaning up][SmSamlDataContext::~SmSamlDataContext: Cleaning up]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:4532][CSm_Auth_Message::SendReply][][][][][][][][][][][][][][][][][][][][][Enter function CSm_Auth_Message::SendReply]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][smauthkerberos.cpp:140][SmAuthQuery][][][][][][][][][][][][][][][][][][][][][Enter function SmAuthQuery]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][smauthkerberos.cpp:167][SmAuthQuery][][][][][][][][][][][][][0][][][][][][][][Leave function SmAuthQuery]
    [02/21/2019][10:10:51.356][10:10:51][40062][139676180944640][Sm_Auth_Message.cpp:4902][CSm_Auth_Message::SendReply][s5062/r104][sts.id-test***.***:443-vm-ppweb-10-11][][josch***.***][][Kerberos-PP-***.***-Allow GP][sts.id-test***.***][NETS PP LDAP][][][][][][][][][][][][][** Status: Authentication Attempt Failed. ]

     

     

    I have tried to remove the krb5CC file and did try again, but with the same error. intermeittently i had an error which said something like

     

    "failed to get the authscheme's authschemelink attribute"

     

    Any help or advice would be really great.

     

    HubertDennis Chris_HackettUjwolujwols

     

    For some reason support.ca.com is not working... And i am not able to raise a case



  • 2.  RE: Failed to initialize authentication scheme 'Kerberos-pp

    Posted Aug 16, 2019 01:53 PM
    I have the same error message in my Kerberos Auth scheme configuration as well. Did you find a solution for this? :-)

    Original Message


  • 3.  RE: Failed to initialize authentication scheme 'Kerberos-pp
    Best Answer

    Broadcom Employee
    Posted Aug 19, 2019 02:19 AM
    Hi,

    About the error :

    Kerberos Login Failed: Internal credentials cache error (filename: /tmp/krb5cc_21154)
    Failed to initialize authentication scheme

    For investigation purpose, you can set environment variable
    KRB5CCNAME=/tmp/mycache amd KRB5RCACHETYPE=None in order set a
    specific cache file path or to disable the cache.

    What is the configuration of the /etc/krb5.conf file ?

    Best Regards,
    Patrick
    Original Message