KACE1000 SSO Single Sign on errors in the log

Question

i'm getting an error of
[error] [client 172.x.x.x] [mod_auth_vas] do_gss_spnego_accept: VAS_ERR_INTERNAL: First call to gss_accept_sec_context() failed, minor_status = 0, result = 589824, display_status - ''A token was invalid'', Mechanism-Specific error test: ''unknown mech-code 0 for mech unkown''
 
This happens every time the URL is launched.  I assume the SSO is tring to check in but something is failing.
Any ideas?
The kbox has been joined to the domain, sso is turned on, setting in trusted sites has been turned on.  I'm not sure where to head from here.
 
Thanks.

Answer

Check the settings under IE here: http://rc.quest.com/topics/mod_auth_vas/trouble.php
Otherwise, according to this, it looks like it might be something KACE support will have to fix through a tether:  https://support.quest.com/SolutionDetail.aspx?id=SOL28176

Answer

We had the same problem. It was caused when our host domain in the network settings was different than our AD domain. There is an entry in a config file in the root that gets updated with the computer name found in the AD object. In order for SSO to work we had to add an entry to the AD DNS for <host>.<AD domain>. We also had to update our browser link to http://<host>.<AD Domain>.

It has worked flawlessly ever since.

Walt

KACE1000 SSO Single Sign on errors in the log

Answers (2)

Posted by:

View more:

Related Questions

Related Links

Related Posts

KACE Product Support

KACE1000 SSO Single Sign on errors in the log

Answers (2)

Posted by:

Don't be a Stranger!

View more:

Related Questions

Related Links

Related Posts

Share