secd.kerberos.preauth error caused by ONTAP admin access by domain user with incorrect password
Applies to
- ONTAP 9
- Cluster management
- CIFS
Issue
- In
event log show
Wed Apr 12 23:41:00 +0300 [cluster1-n1: secd: secd.kerberos.preauth:error]: Kerberos pre-authentication failure due to out-of-sync machine account password for vserver (svm1).
- And correlating with
security audit log show
entry:
0000002c.1c8246ca 026f9026 Wed Apr 12 2023 23:41:00 +03:00 [kern_audit:info:2888] 8503ee00004957e0 :: cluster1:ontapi :: 10.11.12.13:61840 :: svm1:user1 :: Login Attempt :: Error: Authentication failed.
0000002c.1c8246d7 026f9047 Wed Apr 12 2023 23:41:00 +03:00 [kern_audit:info:12352] 8503ee00004957e0 :: cluster1:ontapi :: 10.11.12.13:61840 :: cluster1:domain\user1 :: POST /servlets/netapp.servlets.admin.XMLrequest_filer HTTP/1.1 :: Error: 401 Unauthorized