SAP Knowledge Base Article - Preview

3021900 - HANA Single Sign-On Authentication (Kerberos) fails with error

Symptom

Single Sign-On authentication with Kerberos fails with the error

Error connecting to database [523 92[SAP AG][LIBODBCHDB SO][HDBODBC] Communication link failure;-10709 Connection failed (RTE:[200106] Protocol error, invalid authentication packet)

Enhancing tracing on [authentication] as per SAP Note: 2083682 - How to Enhance Tracing for SAP HANA SSO Login Issues shows the following

w Authentication Context.cpp(00277) : GSS_S_FAILURE: The routine failed for reasons that are not defined at the GSS level. The minor_status return parameter contains a mechanism-dependent error code describing the reason for the failure.
w Authentication MethodGSSAcceptor.cpp(00268) : processGssToken: accept security context failed
w Authentication MethodGSSAcceptor.cpp(00087) : evaluate: process GSS token failed
w Authentication sm_codec_newdb.cc(00949) : Authentication failed! client address=<ip_addr:port>
e Authentication AbstractMethodGSSAcceptor.cpp(00032) : Error during Kerberos: Major: "unspecified [851968]", minor: "Clock skew too great [2529638949/-1765328347]"


Read more...

Environment

 SAP HANA all versions

Product

SAP HANA 1.0, platform edition

Keywords

kerberos, SSO, major unspecified, minor, clock, skew, NTP , KBA , HAN-DB-SEC , SAP HANA Security & User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.