Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-7243: ADuser cannot run 'adinfo' command, getting krb5cache error

Authentication Service ,  

22 July,16 at 07:25 PM

Applies to: 

Centrify DirectControl On All versions


When AD user run Centrify command 'adinfo', it hung.  The error in Centrify debug show as follow:

auth|security:debug adinfo[17104936]: DEBUG base.kerberos.krb5cache Error while to resolving ccache for user, try to get next ccache. 
auth|security:debug adinfo[17104936]: DEBUG util.except (NotFound) : /var/krb5/security/creds: No such directory (reference util/include/path.h:238 rc: 0) 

If AD user try to destroy and reinitialize his/her kerberos credential, the following error will display as follow:

$ /usr/share/centrifydc/kerberos/bin/kdestroy
kdestroy: Credentials cache permissions incorrect while destroying cache
Ticket cache NOT destroyed
$ /usr/share/centrifydc/kerberos/bin/kinit
kinit(v5): Configuration file does not specify default ream when parsing name <Adusername>
$ /usr/share/centrifydc/kerberos/bin/klist
klist: Credentials cache permissions incorrect while setting cache flags (ticket cache FILE:/var/krb5/security/creds/krb5cc_#####)


There is a possibility that an Administrator modify the permission on /var/krb5 directory.  By default the permission should be set to '755'


Verify and modify as root the permission on /var/krb5, it should be as follow for example:

drwxr-xr-x   3 root      system       256 Oct 22 2013      krb5

# chmod 755 /var/krb5