Invalid password for Kerberos authentication
This error message from the Active Directory server indicates that the password in the keytab file is incorrect for the specified principal.
amAuthWindowsDesktopSSO:06/24/2011 02:18:31:590 PM CDT: Thread[http-8443-1,5,main]
ERROR: Service Login Error:
amAuthWindowsDesktopSSO:06/24/2011 02:18:31:590 PM CDT: Thread[http-8443-1,5,main]
Stack trace:
javax.security.auth.login.LoginException: Pre-authentication information was invalid (24)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
ERROR: Service Login Error:
amAuthWindowsDesktopSSO:06/24/2011 02:18:31:590 PM CDT: Thread[http-8443-1,5,main]
Stack trace:
javax.security.auth.login.LoginException: Pre-authentication information was invalid (24)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
Verify that the password is correct. Confirm that there are no unsupported characters in the username or password.
- Supported characters: ~, @, *, _, ., -, +, :, ?, /, {, }, [, ]
- Unsupported characters: !, #, $, %, ^, (, ), &, =, ', ", ;, >, <, |, comma, \
If the password is not correct, make the relevant changes, and generate the keytab file.
Also ensure to generate the keytab file if the password has been changed since the last time the file was generated.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*