Received error from KDC: -1765328378/Client not found in Kerberos database

1 users found this article helpful

Symptoms

First, see How to analyze the log files to identify single-sign on (SSO) issues .

Single sign-on fails. In awingu-worker-smc.service.log, a similar error can be seen:

2021-11-15 09:49:04.956985 gateway awingu-worker-smc.service[manage.py:138627]: Using specified cache: /etc/awingu/domains/WORKSPACEDOMAIN/90b96cf4-182b-491c-b9ac-805790dc101e/kerberos/kerberos_credentials_cache
Using principal: someuser\@somedomain.org@SOMEDOMAIN.ORG
PA Option X509_user_identity = FILE:/etc/awingu/domains/WORKSPACEDOMAIN/90b96cf4-182b-491c-b9ac-805790dc101e/certificate.pem,/etc/awingu/domains/WORKSPACEDOMAIN/90b96cf4-182b-491c-b9ac-805790dc101e/private_key.pem
[64795] 1636969744.947247: Getting initial credentials for someuser\@somedomain.org@SOMEDOMAIN.ORG
[64795] 1636969744.947249: Sending unauthenticated request
[64795] 1636969744.947250: Sending request (199 bytes) to SOMEDOMAIN.ORG
[64795] 1636969744.947251: Resolving hostname somedc.somedomain.org
[64795] 1636969744.947252: Sending initial UDP request to dgram 10.1.2.3:88
[64795] 1636969744.947253: Received answer (98 bytes) from dgram 10.1.2.3:88
[64795] 1636969744.947254: Sending DNS URI query for _kerberos.SOMEDOMAIN.ORG.
[64795] 1636969744.947255: No URI records found
[64795] 1636969744.947256: Sending DNS SRV query for _kerberos-master._udp.SOMEDOMAIN.ORG.
[64795] 1636969744.947257: Sending DNS SRV query for _kerberos-master._tcp.SOMEDOMAIN.ORG.
[64795] 1636969744.947258: No SRV records found
[64795] 1636969744.947259: Response was not from master KDC
[64795] 1636969744.947260: Received error from KDC: -1765328378/Client not found in Kerberos database
[64795] 1636969744.947261: Retrying AS request with master KDC
[64795] 1636969744.947262: Getting initial credentials for someuser\@somedomain.org@SOMEDOMAIN.ORG
[64795] 1636969744.947264: Sending unauthenticated request
[64795] 1636969744.947265: Sending request (199 bytes) to SOMEDOMAIN.ORG (master)
[64795] 1636969744.947266: Sending DNS URI query for _kerberos.SOMEDOMAIN.ORG.
[64795] 1636969744.947267: No URI records found
[64795] 1636969744.947268: Sending DNS SRV query for _kerberos-master._udp.SOMEDOMAIN.ORG.
[64795] 1636969744.947269: Sending DNS SRV query for _kerberos-master._tcp.SOMEDOMAIN.ORG.
[64795] 1636969744.947270: No SRV records found
kinit: Client 'someuser\@somedomain.org@SOMEDOMAIN.ORG' not found in Kerberos database while getting initial credentials

Cause

The client is not found in the Kerberos database.

Resolution

Multiple causes lead to this error.

Was this article helpful?

Tell us how we can improve it.