Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031471 - WinRM 401 error "does not map to a Kerberos realm" is reported on an RSA Security Analytics Log Collector

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support on Jun 11, 2019

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031471
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Log Collector, Security Analytics Server RSA Version/Condition: 10.X Platform: CentOS O/S Version: EL6
Issue	WinRM fails for most domains, and a repeated 401 error is observed in the /var/log/messages file on the Log Collector. The error message "does not map to a Kerberos realm" also appears in the /var/lib/netwitness/uax/logs/sa.log file on the Security Analytics server appliance.
Cause	This error indicates a communication failure to port 88 on the Kerberos authentication ticketing host. This may be due to a firewall, routing or other base network failure in communication.
Resolution	Be certain to open port 88 to the Kerberos authentication ticket host, and ensure that base network communications to the Kerberos ticketing host and the Log Collector are open.

Attachments

Outcomes

0 Comments

Recommended Content