My Oracle Support Banner

BDA AD Kerberos Clusters with a Kerberos Encryption Type Other than AES256-CTS Fail on Step 1 of Upgrade with "ERROR: Invalid Password"/"kinit: Preauthentication failed while getting initial credentials" (Doc ID 2778804.1)

Last updated on APRIL 17, 2023

Applies to:

Big Data Appliance Integrated Software - Version 5.1.0 and later


In the images, examples and document that follow, user details, cluster names, hostnames, directory paths, filenames, etc. represent a fictitious sample (and are used to provide an illustrative example only). Any similarity to actual persons, or entities, living or dead, is purely coincidental and not intended in any manner.

Step 1 of a Mammoth upgrade fails as below on AD Kerberos clusters with a Kerberos encryption type other than AES256-CTS:

1. Upgrade fails on Step 1 with:

WARNING: The password for the Active Directory admin user is missing from the parameters file and is required for the installation.
Enter password:
Enter password again:
ERROR: Invalid Password. Check checkPassword.out for more information.
WARNING: Incorrect password
Do you wish to try again? yes/[no]: y

2. checkPassword.out contains:

kinit: Preauthentication failed while getting initial credentials

Note that bdacheckcluster will fail with the same error as well.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Solution when Upgrading to BDA 5.2
 Solution when Upgrading to BDA 5.1

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.