Trend Micro - Securing Your Journey to the Cloud Business
Success
Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Kerberos preauth request fails with KrbException during upgrade of Deep Security Manager

    • Updated:
    • 17 Jul 2020
    • Product/Version:
    • Deep Security 12.0
    • Deep Security 12.5
    • Deep Security 20.0
    • Platform:
    • Windows Server RHEL
Summary

When the customer is using Microsoft SQL server and Windows authentication, sometimes it will fail during the Deep Security Manager upgrade verification because the database cannot connect.

In the same folder of Deep Security Manager installer, it will also generate an error.log showing the Kerberos preauth request throws the exception shown in the screenshot below:

Details
Public
Since Deep Security Manager(DSM) 12.0 Update 10, the Java Run time has been upgraded.  The new JRE had some Kerberos enhancement and as a result in some customer environment, the Kerberos exception cause the Windows authentication to fail and  the Deep Security Manager installer will not able to connect to Microsoft SQL Server.
 
Solution

The solution to resolve this issue is to add the JRE options "-Dsun.security.krb5.disableReferrals=true" in the vmoptions file in both the DSM and installer.

For Windows:
1. Add "-Dsun.security.krb5.disableReferrals=true" to Deep Security Manager.vmoptions file to the DSM installation folder 
2.  Copy the same file to the same folder of the DSM installer and rename it to your installer file name.
     For example, Manager-Windows-12.0.xxx.x64.vmoptions 

For Linux
1. Add "-Dsun.security.krb5.disableReferrals=true" to dsm_s.vmoptions file to the DSM installation folder
2. Copy the same file to the folder of the DSM installer and rename it to your installer file name.
    For example, Manager-Linux-12.0.xxx.x64.sh.vmoptions
 

After applying the above steps you can now re-run the Deep Security Manager installer and this time it will pass the upgrade verification

Premium
Internal
Partner
Rating:
Category:
Upgrade
Solution Id:
000259523
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.

Learn More Ok, got it