I have done this many times successfully but I think this is the first time I’ve tested this with 10.4.11. When I promote a replica to a master, all seems to go normal. At least there are no errors in any logs I can find (slapdconfig, console, system). However, when a user attempts to authenticate, it fails and the KDC log contains this error:
KDC has no support for encryption type
At the same time the console log contains this error:
DirectoryService[58]: GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)
When I try to run ‘kadmin.local’ it tells me something about the Kerberos database not being properly initialized (unfortunately I did not capture the exact error before I had to revert to a replica). I think the implication is that the Kerberos database is corrupt. Has anyone encountered this problem or can someone suggest what/where I might check? TIA.
.
.
Comments are closed