Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-2411: krb5-auth-dialog pop-ups

Authentication Service ,  

12 April,16 at 11:09 AM

Applies to: All versions of Centrify DirectControl on RedHat Linux.
In KDE (Redhat manager), Centrify prompts for credentials all the time as shown below. 
[title] Network Authentication
Please enter the password for 'username@DOMAIN'
Password: [..........]
Your credentials have expired
[Cancel] [Renew Ticket]
The command #adflush or #kdestroy followed by #kinit is not helping here. Parameter "krb5.cache.infinite.renewal:true" was added to /etc/centrifydc/centrifydc.conf in order to automatically reissue the user credentials when they expire. 
The parameter "krb5.cache.renew.interval = 8" inside the /etc/centrifydc/centrifydc.conf file was changed to 0 so that adclient does not renew the existing Kerberos ticket to keep existing credentials valid. 
Centrify DirectControl was restarted too. Still pop-ups occur. Any reason?

This is caused by sessions kept by KDE when the user logs out.
1. Disable the session save with "KDE Control Center -> Components ->  Session Manager -> 'check' Restore Previous Session" .
2. Clean up "~HOME/.kde/share/config/ksmserverrc" file by deleting "krb5-auth-dialog" entries.
3. Login with KDE session several times. If one process named krb5-auth-dialog <session> can be found with using ps -ef|grep krb5-auth*, this issue is resolved.
Additional information can be found from following RedHat bugs: 

(Links provided as a courtesy)