Views:
Since Deep Security Manager(DSM) 12.0 Update 10, the Java Run time has been upgraded.  The new JRE had some Kerberos enhancement and as a result in some customer environment, the Kerberos exception cause the Windows authentication to fail and  the Deep Security Manager installer will not able to connect to Microsoft SQL Server.
 
Solution

The solution to resolve this issue is to add the JRE options "-Dsun.security.krb5.disableReferrals=true" in the vmoptions file in both the DSM and installer.

For Windows:
1. Add "-Dsun.security.krb5.disableReferrals=true" to Deep Security Manager.vmoptions file to the DSM installation folder 
2.  Copy the same file to the same folder of the DSM installer and rename it to your installer file name.
     For example, Manager-Windows-12.0.xxx.x64.vmoptions 

For Linux
1. Add "-Dsun.security.krb5.disableReferrals=true" to dsm_s.vmoptions file to the DSM installation folder
2. Copy the same file to the folder of the DSM installer and rename it to your installer file name.
    For example, Manager-Linux-12.0.xxx.x64.sh.vmoptions
 

After applying the above steps you can now re-run the Deep Security Manager installer and this time it will pass the upgrade verification

Keywords: Upgrade DSM, Kerberos preauth request, Kerberos, Krb5LoginModule, Windows Authentication Fail