My Oracle Support Banner

Setting Up Kerberos With Local KDC And One-way Trust Fails (Doc ID 2054481.1)

Last updated on DECEMBER 11, 2019

Applies to:

Big Data Appliance Integrated Software - Version 4.2.0 and later
Linux x86-64

Symptoms

After enabling Kerberos in the BDA cluster and configuring a one-way trust from the AD to the local KDC on the BDA the following error is raised after successfully kiniting an Active Directory user. 

Caused by: GSSException: No valid credentials provided (Mechanism level: Fail to create credential. (63) - No service creds)
  at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:770)
  at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:248)
  at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179)
  at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:192)
  ... 40 more
Caused by: KrbException: Fail to create credential. (63) - No service creds
  at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:156)
  at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:458)
  at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:693)
  ... 43 more

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.