KRB_AP_ERR_TKT_EXPIRED error in Kerberos tickets
This article helps you resolve consistent authentication issues that might affect Kerberos tickets.
Kerberos is a protocol that uses secret keys for providing secure authentication for client or server applications. A ticket is issued to a user for successful authentication. Typically, Kerberos tickets have a lifetime of about 10 hours and are renewed automatically.
Symptoms
The Key Distribution Center (KDC) displays a KRB_AP_ERR_TKT_EXPIRED
error message that indicates that a service has failed.
Cause
The Kerberos connection fails if a user tries to use an expired ticket for authentication. For more information, see Kerberos authentication troubleshooting guidance.
Resolution
To resolve this error, follow these steps:
Use the
KLIST purge
command to clear user tickets, or log off and back on, or restart the computer.Use the
KLIST
command together with the SSPIClient tool to view and manage Kerberos tickets and service principal names (SPNs), as shown in the following command:KLIST GET MSSQLSvc\SQLProd01.contoso.com:1433
More information
Váš názor
https://aka.ms/ContentUserFeedback.
Připravujeme: V průběhu roku 2024 budeme postupně vyřazovat problémy z GitHub coby mechanismus zpětné vazby pro obsah a nahrazovat ho novým systémem zpětné vazby. Další informace naleznete v tématu:Odeslat a zobrazit názory pro