Article Content
Article Number | 000031471 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Log Collector, Security Analytics Server RSA Version/Condition: 10.X Platform: CentOS O/S Version: EL6 |
Issue | WinRM fails for most domains, and a repeated 401 error is observed in the /var/log/messages file on the Log Collector. The error message "does not map to a Kerberos realm" also appears in the /var/lib/netwitness/uax/logs/sa.log file on the Security Analytics server appliance. |
Cause | This error indicates a communication failure to port 88 on the Kerberos authentication ticketing host. This may be due to a firewall, routing or other base network failure in communication. |
Resolution | Be certain to open port 88 to the Kerberos authentication ticket host, and ensure that base network communications to the Kerberos ticketing host and the Log Collector are open. |