22 July,16 at 07:25 PM
Applies to:
Centrify DirectControl On All versions
Problem:
When AD user run Centrify command 'adinfo', it hung. The error in Centrify debug show as follow:
auth|security:debug adinfo[17104936]: DEBUG base.kerberos.krb5cache Error while to resolving ccache for user, try to get next ccache.
.......
auth|security:debug adinfo[17104936]: DEBUG util.except (NotFound) : /var/krb5/security/creds: No such directory (reference util/include/path.h:238 rc: 0)
If AD user try to destroy and reinitialize his/her kerberos credential, the following error will display as follow:
$ /usr/share/centrifydc/kerberos/bin/kdestroy
kdestroy: Credentials cache permissions incorrect while destroying cache
Ticket cache NOT destroyed
$ /usr/share/centrifydc/kerberos/bin/kinit
kinit(v5): Configuration file does not specify default ream when parsing name <Adusername>
$ /usr/share/centrifydc/kerberos/bin/klist
klist: Credentials cache permissions incorrect while setting cache flags (ticket cache FILE:/var/krb5/security/creds/krb5cc_#####)
Cause:
There is a possibility that an Administrator modify the permission on /var/krb5 directory. By default the permission should be set to '755'
Resolution:
Verify and modify as root the permission on /var/krb5, it should be as follow for example:
drwxr-xr-x 3 root system 256 Oct 22 2013 krb5
# chmod 755 /var/krb5