Identity Awareness Agent disconnects with no apparent reason after some time of operation when Kerberos SSO is defined
||R75 (EOL), R76 (EOL), R76SP (EOL), R76SP.10 (EOL), R77 (EOL), R77.10 (EOL), R77.20, R77.30 (EOL)
||Gaia, SecurePlatform 2.6, IPSO 6.2, Crossbeam XOS
|Platform / Model
Identity Awareness Agent disconnects with no apparent reason after some time of operation when Kerberos SSO is defined, but Kerberos authentication fails (or not working).
SmartView Tracker logs show:
"A secondary session request was received from the same IP. This caused logout of the current session"
However, there are no duplicate IP addresses.
Enabling "Assume that only one user is connected per computer" does not resolve issue (Identity Awareness gateway properties - go to "Identity Awareness" pane - check the box "Active Directory Query" - click on "Settings..." button).
Connection status shows on the Identity Agent:
Machine Identity: Not Detected
Debug of PDPD daemon on the Identity Awareness gateway ('
pdp debug set all all') shows Kerberos errors:
[ PID ...]@HostName[Date Time] [AUTH (TD::Events)] pdp::AuthMngr::GetAuthenticator: Get Kerberos Authenticator.
[ PID ...]@HostName[Date Time] [AUTH (TD::Events)] pdp::KerberosAuthenticator::BuildAuthData: KerberosAuthenticator::BuildAuthData: (
[ PID ...]@HostName[Date Time] SpNegoToken::BDecContent ERROR - SEQUENCE is missing non-optional elmt. offset = 16
[ PID ...]@HostName[Date Time] SpNegoToken::BDec: attempt to decoded Content failed
Note: To view this solution you need to