GSSAPI Error: Server not found in Kerberos database

Hi all
For about 3 days I'm now seeing this error message in system.log every 3 minutes:
DirectoryService: GSSAPI Error: Miscellaneous failure (Server not found in Kerberos database)
This happens on a fileserver which is connected to an OD server.
I did a search in this forum and found one thread about it. The advice there was to look in kdc.log to see which principal is failing - but I don't have a kdc.log. The other tip was to use kadmin to get a list of the principals by using
kadmin.local -q listprincs
but what I get instead of this list is:
Authenticating as principal xyz/[email protected] with password.
kadmin.local: No such file or directory while initializing kadmin.local interface
It seems that some file is missing, which would explain why DirectoryService can't find the server in the database... I have to confess that I have no idea as to how Kerberos works or how to configure it.
Authentication against the OD server is working fine, it's just that the errors in the log are getting on my nerves, and they make it difficult to find other, more important messages in system.log.
Thankas, Tina

Ah, I see, the kdc.log is on the OD server, not on
the file server where I was looking for it.
OK, in the kdc logfile I have a lot of entries like
these ones:
Kerberos is an auth system where the user authenticates to the kdc and is issued a TGT (Ticket Granting Ticket). The user then presents their TGT and a service principal (Kerberos name of a server) to the kdc to get a service ticket. The user then sends the service ticket to the server who lets the user in.
Some interpretation:
Mar 22 09:18:35 zool09.abc.xy krb5kdc[218](info):
TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 130.60.23.23:
UNKNOWN_SERVER: authtime 1143003387,
[email protected] for krbtgt/[email protected],
Server not found in Kerberos database
This (TGS_REQ) is request for a service ticket from 130.60.23.23 using the
TGT owned by [email protected], to get a service ticket for
krbtgt/[email protected]. It looks like krbtgt/[email protected] is not in your kdc's database. This looks like a cross realm request.
If you are also connected to an active directory system you might see something like this.
Mar 22 09:19:20 zool09.abc.xy krb5kdc[218](info):
AS_REQ (7 etypes {18 17 16 23 1 3 2}) 130.60.23.11:
NEEDED_PREAUTH: [email protected] for
krbtgt/[email protected], Additional
pre-authentication required
Mar 22 09:19:20 zool09.abc.xy krb5kdc[218](info):
AS_REQ (7 etypes {18 17 16 23 1 3 2}) 130.60.23.11:
ISSUE: authtime 1143015560, etypes {rep=16 tkt=16
ses=16}, [email protected] for
krbtgt/[email protected]
The AS_REQ's above are the two step authentication process for user [email protected] from 130.60.23.11.
Mar 22 09:19:20 zool09.abc.xy krb5kdc[218](info):
TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 130.60.23.11:
UNKNOWN_SERVER: authtime 1143001370,
[email protected] for
krbtgt/[email protected], Server not
found in Kerberos database
This is another service ticket request. Though the requested service principal looks malformed, I would look for something misconfigured on 130.60.23.11.
Possibly watch what user zds01 is doing during login to get some idea of what's going on.
Mar 22 09:19:20 zool09.abc.xy krb5kdc[218](info):
TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 130.60.23.11:
UNKNOWN_SERVER: authtime 1143001370,
[email protected] for
krbtgt/[email protected], Server not found
in Kerberos database
Same as above.
What do they mean? I didn't set up Kerberos
authentication, I think I don't need it, is there any
way to disable it? Or am I using it without knowing
it??
When you set up the OD Master, a kdc & the needed files were set up to allow single sign on to all the kerberized services in the system.
- see if you have an
/Library/Preferences/edu.mit.Kerberos file
- Also look for an /etc/krb5.keytab file
Yes, I have both of them.
kadmin.local -q listprincs on the OD server gives me
a long list of computers, users and services like
this:
I don't know what these all mean... could you give me
a brief explanation?
[email protected]
When you create a computer record in Workgroup Manager a generic principal name is added to the kdc for that computer. It is related to the host/computer_name@REALM service principal for servers.
[email protected]
This is a user principal (this is the account name for the user in the Kerberos system) Sometimes you will see user/admin@REALM.
afpserver/[email protected]
This is a service principal. They usually are in the form servicetype/server_dnsname@REALM
One of the things that Kerberos is very sensitive to is correct DNS configuration. You need to have both forward (name -> IP) and reverse (IP -> name) DNS set up for all the servers in your realm.
Hope this helps
- Leland
DP G4 Mac OS X (10.4.5)

Similar Messages

Server not found in Kerberos database (7)

Hi!
Running the examples from
http://java.sun.com/javase/6/docs/technotes/guides/security/jgss/lab
works fine for me as long as I use the Kerberos test realm I have set up on a unix machine. But when I run the same classes against our Active Directory, the client spills a stacktrace, indicating that AD can not find the server in its database. But it actually is in that database, as the sample server can perfectly authenticate as exactly that principal!
Enabling all security related debug info i could find, this is the client dump:
$ java -Djava.security.auth.login.config=jaas-krb5.conf
 -Djava.security.krb5.kdc=##KDC##
 -Djava.security.krb5.realm=##REALM##
 -Dsun.security.jgss.debug=true
 -Dsun.security.krb5.debug=true
 -Djava.security.debug="logincontext,policy,scl,gssloginconfig"
 GssClient host ##SERVER##
scl: getPermissions ProtectionDomain (file:/xxxxx/ <no signer certificates>)
sun.misc.Launcher$AppClassLoader@11b86e7
<no principals>
java.security.Permissions@1a46e30 (
(java.io.FilePermission \xxxxx\- read)
(java.lang.RuntimePermission exitVM)
scl:
Debug is true storeKey false useTicketCache true useKeyTab true doNotPrompt false ticketCache is nu
ll isInitiator true KeyTab is null refreshKrb5Config is false principal is xxxxx tryFirstPass is tru
e useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
KinitOptions cache name is C:\xxxxxAcquire default native Credentials
Obtained TGT from LSA: Credentials:
client=##USER##@##REALM##
server=krbtgt/##REALM##@##REALM##
authTime=20070705103930Z
startTime=20070705103930Z
endTime=20070705203930Z
renewTill=20070712103930Z
flags: FORWARDABLE;RENEWABLE;INITIAL;PRE-AUTHENT
EType (int): 23
Principal is ##USER##@##REALM##
 [Krb5LoginModule] authentication succeeded
 [LoginContext]: login success
Commit Succeeded
 [LoginContext]: commit success
Authenticated principal: [##USER##@##REALM##]
Connected to address ##SERVER##/xxxxx
xxxxx
create server name with host@##SERVER##
Search Subject for Kerberos V5 INIT cred (<<DEF>>, sun.security.jgss.krb5.Krb5InitCredential)
Found ticket for ##USER##@##REALM## to go to krbtgt/##REALM##@##REALM## expiring on Thu Jul
05 20:39:30 GMT 2007
Entered Krb5Context.initSecContext with state=STATE_NEW
Found ticket for ##USER##@##REALM## to go to krbtgt/##REALM##@##REALM## expiring on Thu Jul
05 20:39:30 GMT 2007
Service ticket not found in the subject
Credentials acquireServiceCreds: same realmUsing builtin default etypes for default_tgs_enctypes
default etypes for default_tgs_enctypes: 3 1 23 16 17.
CksumType: sun.security.krb5.internal.crypto.RsaMd5CksumType
EType: sun.security.krb5.internal.crypto.ArcFourHmacEType
KrbKdcReq send: kdc=##KDC## UDP:88, timeout=30000, number of retries =3, #bytes=1328
KDCCommunication: kdc=##KDC## UDP:88, timeout=30000,Attempt =1, #bytes=1328
KrbKdcReq send: #bytes read=101
KrbKdcReq send: #bytes read=101
KDCRep: init() encoding tag is 126 req type is 13
KRBError: sTime is Thu Jul 05 14:43:05 GMT 2007 1183646585000
 suSec is 487997
 error code is 7
 error Message is Server not found in Kerberos database
 realm is ##REALM##
 sname is host/##SERVER##
 msgType is 30
KrbException: Server not found in Kerberos database (7)
 at sun.security.krb5.KrbTgsRep.<init>(Unknown Source)
 at sun.security.krb5.KrbTgsReq.getReply(Unknown Source)
 at sun.security.krb5.internal.CredentialsUtil.serviceCreds(Unknown Source)
 at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(Unknown Source)
 at sun.security.krb5.Credentials.acquireServiceCreds(Unknown Source)
 at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
 at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
 at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
 at GssClient$GssClientAction.run(GssClient.java:171)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.Subject.doAs(Unknown Source)
 at Jaas.loginAndAction(Jaas.java:94)
 at GssClient.main(GssClient.java:97)
Caused by: KrbException: Identifier doesn't match expected value (906)
 at sun.security.krb5.internal.KDCRep.init(Unknown Source)
 at sun.security.krb5.internal.TGSRep.init(Unknown Source)
 at sun.security.krb5.internal.TGSRep.<init>(Unknown Source)
 ... 13 more
Exception in thread "main" java.security.PrivilegedActionException: GSSException: No valid credentia
ls provided (Mechanism level: Server not found in Kerberos database (7))
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.Subject.doAs(Unknown Source)
 at Jaas.loginAndAction(Jaas.java:94)
 at GssClient.main(GssClient.java:97)
Caused by: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerbero
s database (7))
 at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
 at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
 at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
 at GssClient$GssClientAction.run(GssClient.java:171)
 ... 4 more
Caused by: KrbException: Server not found in Kerberos database (7)
 at sun.security.krb5.KrbTgsRep.<init>(Unknown Source)
 at sun.security.krb5.KrbTgsReq.getReply(Unknown Source)
 at sun.security.krb5.internal.CredentialsUtil.serviceCreds(Unknown Source)
 at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(Unknown Source)
 at sun.security.krb5.Credentials.acquireServiceCreds(Unknown Source)
 ... 8 more
Caused by: KrbException: Identifier doesn't match expected value (906)
 at sun.security.krb5.internal.KDCRep.init(Unknown Source)
 at sun.security.krb5.internal.TGSRep.init(Unknown Source)
 at sun.security.krb5.internal.TGSRep.<init>(Unknown Source)
 ... 13 moreWhy's AD claiming in the KRBError that it can't find a sname/realm which exactly matches the principal it accepted for the server? This totally confuses me! Can please anyone bring some light?
Regards

It works now!!!
The exact procedure is:
- Create a new user in AD with an arbitrary name <username>. Use the same name in "User Logon Name", "User Logon Name (pre Win2K)" and "First Name" (odd, isn't it).
- Set the password, deactivate "User has to change the password at first logon", and activate "Password never expires"
- Create a mapping for the service name by entering into the command line: ktpass -princ "<protocol>/<fqdn>@<realm>" -mapuser "<username>@<realm>" -pass "*" -out dummy.keytab
- Check that the mapping is set and unique; use adsiedit.msc (Windows Support Tools).
- Now you can use the Java tool ktab to create your own keytab as usual and go.
But it is a science in its own right to correctly configure an Active Directory , especially for use with Kerberos. In particular error messages are hardly useful (as it is generally the case in the Kerberos world). It may help to read:
http://www.microsoft.com/downloads/details.aspx?FamilyID=99b0f94f-e28a-4726-bffe-2f64ae2f59a2&DisplayLang=en
and
http://www.microsoft.com/downloads/details.aspx?FamilyID=7dfeb015-6043-47db-8238-dc7af89c93f1&displaylang=en
Have fun!

Kinit: Client not found in Kerberos database while getting initial credentials

Hi all,
I am trying to configure application which uses Kerberos authentication.
Error message:
kinit: Client not found in Kerberos database while getting initial credentials
I use Windows Server 2003 domain controller as LDAP server, Tomcat application (on Linux) and IIS application as client, and apache load balancer.
There is multidomain environment: russia.domain.net, europa.domain.net, asia.domain.net;
Tomcat and IIS servers works behind a proxy server (Apache on Linux).
For applications created two DNS records type A. all DNS use IP address of Apache proxy server:
application-sandbox.russia.domain.net
applicationweb-sandbox.russia.domain.net
To confiure kerberos authentication i have performed the following steps:
1. Create user account in EUROPA domain and configure delegation for this:
EUROPE\application_sandbox
2. Register SPN for this account:
setspn -A HTTP/application-sandbox.russia.domain.net EUROPE\application_sandbox
setspn -A HTTP/application-sandbox EUROPE\application_sandbox
3. After i verified registered SPN for this account:
setspn.exe -L EUROPE\application_sandbox
Registered ServicePrincipalNames for CN=kxxb999,OU=Users,DC=europe,DC=domain,DC=net:
HTTP/application-sandbox
HTTP/application-sandbox.russia.domain.net
3. After i generate a keytab file:
ktpass /princ HTTP/application-sandbox.russia.domain.net:@RUSSIA.DOMAIN.NET /ptype krb5_nt_principal /crypto rc4-hmac-nt /mapuser EUROPE\application_sandbox /out application_sandbox.keytab -kvno 0 /pass Pa$$w0rd
4. Properties of account looks like the following:
Get-ADUser -Identity appication_sandbox -Properties CN, ServicePrincipalNames, UserPrincipalName
CN : kxxb999
DistinguishedName : CN=kxxb999,OU=Users,DC=europe,DC=domain,DC=net
Enabled : True
GivenName :
Name : kxxb999
ObjectClass : user
SamAccountName : application_sandbox
ServicePrincipalNames : {HTTP/application-sandbox, HTTP/application-sandbox.russia.domain.net}
Surname : application_sandbox
UserPrincipalName : HTTP/[email protected]
4.Note that CN and User logon name are different. SPN registered for DNS record.
There are no computer in domain with name application-sandbox.russia.domain.net. this is a DNS record for application.
5. Then i copy keytab file to Linux machine, configure krb5.conf file and trying to get TGT for registered principal name.
krb5.conf file:
[libdefaults]
default_realm = EUROPE.DOMAIN.NET
dns_lookup_realm = false
dns_lookup_kdc = false
default_tkt_enctypes = rc4-hmac
default_tgs_enctypes = rc4-hmac
[realms]
RUSSIA.DOMAIN.NET = {
kdc = dc01.russia.domain.net
admin_server = dc01.russia.domain.net
default_domain = russia.domain.net
EUROPE.DOMAIN.NET = {
kdc = dc01.europe.domain.net
admin_server = dc01.europe.domain.net
default_domain = europe.domain.net
[domain_realm]
europe.domain.net = EUROPE.DOMAIN.NET
.europe.domain.net = EUROPE.DOMAIN.NET
russia.domain.net = RUSSIA.DOMAIN.NET
.russia.domain.net = RUSSIA.DOMAIN.NET
[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true
Then i verified created keytab file:
klist -e -k -t application_sandbox.keytab
Keytab name: FILE:application_sandbox.keytab
KVNO Timestamp Principal
0 01/01/70 01:00:00 HTTP/[email protected] (arcfour-hmac)
And trying to get TGT ticket:
kinit -V -k -t application_sandbox.keytab HTTP/[email protected]
Using default cache: /tmp/krb5cc_0
Using principal: HTTP/[email protected]
Using keytab: application_sandbox.keytab
kinit: Client not found in Kerberos database while getting initial credentials
But if i use SamAccountName name with kinit commant then i can aquire TGT ticket:
[root@localhost security]# kinit application_sandbox
Password for [email protected]:
[root@localhost security]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
06/30/14 16:37:41 07/01/14 02:37:38 krbtgt/[email protected]
renew until 07/01/14 16:37:41
I'm in trouble. can anyone faced this problem?
Thank you

Hi all,
according to Amy answer I thought, how user principal could not be found in Kerberos database, e.g AD domain.
My HTTP service works in RUSSIA domain, but user principal created in EUROPE domain.
Next, i have checked my ktpass command:
ktpass /princ HTTP/[email protected] /ptype krb5_nt_principal /crypto rc4-hmac-nt /mapuser EUROPE\application_sandbox /out application_sandbox.keytab -kvno 0 /pass
Pa$$w0rd
especially the following parameters:
/princ HTTP/[email protected]
/mapuser EUROPE\application_sandbox
When generating keytab it changes userlogon name to HTTP/application-sandbox.russia.domain.net and set domain domain to RUSSIA.DOMAIN.NET
But no user principal with name application_sandbox in RUSSIA.DOMAIN.NET domain (e.g. Kerberos realm)
So solution is change RUSSIA.DOMAIN.NET to EUROPE.DOMAIN.NAME in ktpass command.
After that i am able to get TGT and authenticate in domain.

SSO : krb_error 6 Client not found in Kerberos Database

Hi All,
We are trying to configure SSO for Win AD user to login to infoView
OS - Windows 2003 SP2
Machine - 64 Bit
BOE - XI 3.1 + SP2 + FP2.4 (32 Bit)
CMS Database - SQL 2005 Server
Domain Controller - Not sure if is 2003 or 2008 (awaiting information from client)
While executing the kinit
kinit BOSSO/<service accont name with FQDN> <password>
its throwing a "krb_error 6 Client not found in kerberos Database."
However Manual AD is working fine.
What could be the issue here.
Thanks and Regards
Ranjit Krishnan
Edited by: Ranjit Krishnan on Mar 24, 2010 2:56 PM

client not found in kerberos DB means the KDC was located but the username was not found. There are many reasons for this
1) typo in the username or when ktpass was run
2) duplicate UPN (caused by running ktpass on 2 or more accounts)
3) ktpass was not run on the account or not successfully so the username was never changed
4) there is a bug in AD with 2008 DC's when the UPN does not = the samaccountname which will throw this message (search SAP KB's for 2008 client not found in kerberos database and you'll find the link to the Microsoft article to patch it)
Regards,
Tim

Client not found in Kerberos database

Hi All,
I am getting Client not found in Kerberos database* when i try to a create new connection from SQL Developer 2.1.1.64 to Oracle 10G database.
I am sure that login credentials provided in connection properties are correct. pls respond, if you know the solution.
Regards,
Manoj N.

Your "being sure" is overwhelmed by the evidence. The chance that you are correct and database/Kerberos is incorrect is a very small number approaching zero.
So back to basics ...
1. What is your actual database version (it is not 10g)?
2. What version of Kerberos?
3. What platform and operating system?
4. Does it work for anyone else?
5. Did it ever work before and stopped working or is this a first attempt by anyone to log on?
6. Have you turned on connection logging? If not do so. If you have post the relevant section of the log file.
7. Do you have a DBA or system or network administrator on-site?
8. Please also post the full and complete error message not your interpretation of it.
We can not help you without a thorough understanding of what is actually happening which you have not provided.

I keep getting the following error "server not found.....firefox can't find the server at http." when I try to log on to one certain website.

I was able to access this website prior to 2 weeks ago. I can access this website on other computers without issues, and I can also access all other websites on this computer.
The following is what is listed in the navigation bar when I get the error message.
http://iphantom.com/wisd/restricted.html?fn=Default&FP=l&ip=10.201.5157&ibip=66.206.97.9&ldu=l&re=0&bu=wps.prenhall.com
I noticed it says wisd/restricted, but I can log on to this website using my wisd computer without issue, and I get the same error message at my home/other locations. So I know that it is not restricted. I have used all the other suggestions "no proxy", shut down firewalls, but nothing has worked.
Any help with this matter will be greatly appreciated.
Thank you,
Cody

go through this
[[Server Not Found - Troubleshoot connection problems|Server Not Found - Troubleshoot connection problems]]

Get error "server not found".

"Server not found" is error message I get. Running Windows 7 with McAfee virus software/firewall. Can connect to internet via hardwire,but not via wireless modem.
== This happened ==
Every time Firefox opened
== Yesterday

I must of bought after you had tried. After having to resend info twice on each page to get thru the purchase process, I finally got the latest episode downloaded......Thats when my troubles started !
Here is my post :
http://discussions.apple.com/thread.jspa?threadID=359806&tstart=0

Error: Server not found or server may be down (FWM 01003) null

I installed Crystal Reports Server 2008. The server is a new install of windows 2003 server fully service packed... The ony connection to SQL is through an ODBC connection to a seperate MSSQL Server. I did not set a password for the CMC and checked the "change administrator password later". When I try to log in to the CMC I get
Error: Server srvreports:6400 not found or server may be down (FWM 01003) null
I am connecting through an ODBC using a trusted connection... Should I not do it this way?
I have tried uninstalling several times... including specifying a password.
Thank you in advance for the assistance

Hi Abhishek,
The Central Management Server (CMS) is responsible for maintaining a database of information about your BusinessObjects Enterprise system, which other components can access. The data stored by the CMS includes information about users and groups, security levels, BusinessObjects Enterprise content, and servers
- Maintaining Security , Managing Objects, Managing Servers, Managing Auditing.
SIA is the Server Intelligence Agent. Server Intelligence is the underlying server management architecture that simplifies the administration and deployment of BusinessObjects Enterprise servers and services. When you start a SIA you can configure all, some, or none of the servers contained in/managed by the SIA to also be started. All BO servers in a SIA must belong to the same cluster. The SIA maintains server status according to the settings you specify in the CMC. It processes the CMC's requests to start, stop, monitor, and manage all servers on the node, and it also monitors potential problems and automatically restarts servers that have shut down unexpectedly. The SIA ensures optimal performance by continually monitoring server status information, which is stored in the CMS database. When you change a server's settings or add a new server in the CMC, the CMS notifies the SIA, and the SIA performs the task.
The SIA is automatically configured during installation, but you can change these default settings through the CCM.

Error: Server not found or server may be down (FWM 01003) while login CMC

Hi,
Enviornment details:
BOXI3.1
ORacle 10G
Wnidows 2003
We are not able to login to CMC after installation of BOXI3.1.
In task manager we see sia.exe but cannot see cms.exe running
Verified the database connection, it is working fine
Checked the TNSnames.ora file and verified if the TNS_ADMIN variable was specified in the environment variables.
Tried creating new SIA server with new database schema but it did not help.
We observe these errors in Event Viewer:
Source: Server Intelligence Agent
[Node Name: W3SGTHA31]
[User Name: SYSTEM]
Server Intelligence Agent: CMS W3SGTHA31.CentralManagementServer has
failed and the Server Intelligence Agent has not been able to connect
to the cluster. Please verify your CMS port and database settings are
correct.
Source: Server Intelligence Agent
[Node Name: W3SGTHA31]
[User Name: SYSTEM]
Server Intelligence Agent: server W3SGTHA31.CentralManagementServer is
considered failed because it has stopped 5 time(s) within 60 minute(s).
Please restart this server.
Source: BUSINESS OBJECTS_cms
The root server reported an error Initialization Failure. (Reason:
BusinessObjects Enterprise CMS: Unable to connect to the CMS system
database "BOD". Reason: ORA-12154: TNS:could not resolve the connect
identifier specified
BusinessObjects Enterprise CMS: Unable to connect to the CMS system
database "BOD". Reason: ORA-12154: TNS:could not resolve the connect
identifier specified
CDatabase::Open failure.
Source: BUSINESS OBJECTS_cms
CMS is unstable and will shut down immediately. Reason: BusinessObjects
Enterprise CMS: Unable to connect to the CMS system database "BOD".
Reason: ORA-12154: TNS:could not resolve the connect identifier
specified
Thanks,
Anisa

You can't login into the server, because CMS server can't start.
It can't start due to following error : ORA-12154: TNS:could not resolve the connect identifier specified CDatabase::Open failure
Something in a way DB connectivity is set or in a way CMS DB is setup in oracle is not right.
The error comes strait from Oracle so quick google search shows :
ORA-12154: TNS:could not resolve the connect identifier specified
Cause: A connection to a database or other service was requested using a connect identifier, and the connect identifier specified could not be resolved into a connect descriptor using one of the naming methods configured. For example, if the type of connect identifier used was a net service name then the net service name could not be found in a naming method repository, or the repository could not be located or reached.
Action: - If you are using local naming (TNSNAMES.ORA file):
- Make sure that "TNSNAMES" is listed as one of the values of the NAMES.DIRECTORY_PATH parameter in the Oracle Net profile (SQLNET.ORA)
- Verify that a TNSNAMES.ORA file exists and is in the proper directory and is accessible.
- Check that the net service name used as the connect identifier exists in the TNSNAMES.ORA file.
- Make sure there are no syntax errors anywhere in the TNSNAMES.ORA file. Look for unmatched parentheses or stray characters. Errors in a TNSNAMES.ORA file may make it unusable.
- If you are using directory naming:
- Verify that "LDAP" is listed as one of the values of the NAMES.DIRETORY_PATH parameter in the Oracle Net profile (SQLNET.ORA).
- Verify that the LDAP directory server is up and that it is accessible.
- Verify that the net service name or database name used as the connect identifier is configured in the directory.
- Verify that the default context being used is correct by specifying a fully qualified net service name or a full LDAP DN as the connect identifier
- If you are using easy connect naming:
- Verify that "EZCONNECT" is listed as one of the values of the NAMES.DIRETORY_PATH parameter in the Oracle Net profile (SQLNET.ORA).
- Make sure the host, port and service name specified are correct.
- Try enclosing the connect identifier in quote marks. See the Oracle Net Services Administrators Guide or the Oracle operating system specific guide for more information on naming.

BI 4.0 - Error: Server not found or server may be down (FWM 01003) null

Hello all,
I know that this error message is already resolved on another post... But despite the good proposed solution, the problem is still there ...
OS & Db :
BO 4.0 SP2 on standalone
DBs CMS & Audit is SQL Server 2008 Express
Already test :
Windows Services ( SIA , Tomcat, SQL Server)
Repair BO
Change port
ODBC (change & create again )
I suppose the probleme is the link between CMS and the database...
Thanks in advance for valuable ideas
Cédric

HI Sebastian,
I launch IE on http://adcsrv06.company.internal:8080/BOE/CMC or http://adcsrv06.company.internal:8080/BOE/BI and when I want log on, i receive the error message.
Cédric
Ps: I have already installed SQL Server 2008 R2 on the same server.

Error "kdc: Server not found in database" on attempted connections using Network User Credentials

I am rebuilding my system after a recent debacle with Time Machine, which resulted in a complete wiping of my Open Directory contents. At this point, users can log into various computers on the network, when the hosts have been reconnected to the newly formed Open Directory and the trust certificate has been authorized. However, when users attempt to connect to any file share, the Network User Account credentials fail to gain access.
I am running Mac OS X 10.9.4 on all systems. Two mac-mini's are running OS X Server 3.1.2. One of these servers (mavericks1.pediatricheartcenter.org) is the Open Directory. While testing the system, I am using the console on "Mavericks1," so the following discussion involves communication between the two server hosts only.
From Mavericks1, I open the console and attempt to connect to my file server, named fileserver.pediatricheartcenter.org. I clear the console just prior to sending a "registered user" request to "FileServer" to gain access. Careful examination of the console records shows the following:
1. The Network User is authorized with a message "ENC-TS pre-authentication succeeded".
2. Mavericks1 lists a console message that reads "kdc: Server not found in database: krbtgt/[email protected]:no such entry found in hdb"
3. Mavericks1 lists a console message that reads "kdc: Server not found in database: cifs/[email protected]: no such entry found in hdb"
4. The process registers what appears to be a final failure before trying again with "kdc: Failed building TGS-REP to 127.0.0.1:64390"
FileStorage.local does not exist in the DNS, nor does it exist on FileStorage.pediatricheartcenter.org. That (local) host name was removed when the domain host name for filestorage.pediatricheartcenter.org was created.
1. Why does the kerberos process reference a host name that does not exist?
2. What might be causing the failed authentication exchange?
3. What can be done to remedy the issue?

I spent some time on the phone with Apple Support on Friday. Thank you to Linc Davis for providing some insights into the issues.
As a result of the conversation with Apple Support we learned the following, which I will report here for those who might find this page again:
First, OpenDirectories are extremely fragile. Once you have turned on your OpenDirectory, do not do any of the following:
Do NOT change the host name.
Do NOT change the IP address.
If you are going to attempt either of these things, you should make a clone of your drive (not just a TimeMachine backup, a fully bootable clone, just in case).
Performing these activities (particularly the changing of the host name) will "break" your open directory, and the only way to rebuild the open directory is first to fully destroy the original. Several services are also destroyed when OpenDirectory is broken, the most notable is Profile Manager.
DESTROYING OPEN DIRECTORY
To fully destroy OpenDirectory, it is more complex than simply turning off the OpenDirectory and turning it back on again. Perform the following steps:
Install WorkGroup Manager (it is depricated, but Apple still has a version available for use with OS X Mavericks to handle functions that the Server App does not perform like exporting users and groups).
Sign into WorkGroup Manager as the directory administrator (user name defaults to "diradmin" the password is defined on OpenDirectory creation).
Export the Users, Groups, Computers and Computer Groups to the Desktop or another safe location.
Close WorkGroup Manager
Turn off the OpenDirectory in Server App.
Delete the Server App from the Applications folder and put it in the Trash. (This will disable any active services that are marking various files as being currently in use. Don't worry, we will restore it from the Trash when we are done).
In the terminal, run the following command: sudo slapconfig -destroyldapserver
Make a backup of all website files (just in case)
Navigate to the folder /Library/Server and delete the ProfileManager folder. (If you willing to do so, delete the whole Server folder).
After deleting various folders in the /Library/Server directory, restore the Server.app from the Trash.
Run the Server App.
Set the computer's network connection and host name.
Create a new OpenDirectory.
Use WorkGroup Manager to import any exported files from Step 3.
If you deleted the entire Server directory, use the website backup to retrieve the files that comprise your web site(s) and use the Server App to link the file directories to the Web site's domain name(s).
Personal Note: These instructions got me farther than any other tips I had received previously. After following these instructions, I was able to rebuild my Open Directory. During the process of copying files from the old user home folders into the new user home folders, the computer froze and when it rebooted, all the users and groups I had created during the day had disappeared. Rather than trouble-shooting it again, I decided to do a fresh installation.
A NOTE ON HOME FOLDERS
PER APPLE SUPPORT: Do NOT use the default /Users directory for Network users. Apple Support wanted me to rebuild the home directory, but they noted I was not able to do this, because I had used /Users. This folder ("/Users") is a critical component of the OS X system, and will cause additional problems if the folder is destroyed and rebuilt. The directory id and permissions must remain unchanged from the original installation.
For this reason, Server administrators (like yourself) should use File Sharing in the Server App to create a new anchor point for home directories. Create a shared folder. Ensure that it is shared over the protocols that you will be using (AFP, SMB, WebDav), and then after selecting these values, check the box that allows the folder to be used as a home directory at the bottom of this list. This box will be greyed out if the system is not already bound to an OpenDirectory. If you have activated OpenDirectory on the same machine, the machine will operate as if bound to itself, and this field will be active. If the FileShare server is NOT an OpenDirectory master or replica, then bind the machine to an OpenDirectory via the "System Preferences > Users & Groups > Login Options".
If the local area network has FileShares that are enabled for home directory use, the folders will appear in the User Profile editor under the Home Folder list (See image)
In the screenshot above, I have selected a shared directory named "HomeFolders". By using specially defined home folder directory, the server administrator has the option of deleting and modifying the home folder if necessary. Creating a home folder directory in a location other than "/Users" is the recommended best practice by Apple Support.
If you are inserting files into the home folders, you will need to change the owner and the group to the new owners names. I copied files from the old user directories into the new user directories so that the users would have access to their old files. When my OpenDirectory crashed, and all the users were recreated, they were recreated with different system level user id's. The system therefore maintains a memory that the file was owned by the original owner, even though the system administrator has put it in the new user profile's folder. To fix this, do the following:
1. Prior to making the copy, run "ls -al" from the terminal on the new home directory root. You are looking for the default folder owner and default folder group. On my system it was the user name and a group named "staff".
2. When making the copy, do not replace the user folder. Copy the files into the file folder, not over it.
3. After you have moved files into the user's folders, you can use "sudo chown -R [owner]:[group] [homeFolderPath]/*" and "sudo chmod -R 700 [homeFolderPath]/*" (replace the [owner] and [group] portions of these commands with the owners and groups identified by the command in step 1, and replace [homeFolderPath] with a path to the user directory created for the specific user.
For example:
For the user johnnybgood, we might see the following:
1. We run "ls -al" on the newly created home folder and find that the folder /Volumes/HomeFolders/johnnybgood is owned by johnnybgood and the group "staff".
2. We copy or move files from the old locations using commands similar to the following:
       sudo mv /OldFolderLocation/johnnybgood/Documents/* /Volumes/HomeFolders/johnnybgood/Documents
       sudo mv /OldFolderLocation/johnnybgood/Desktop/* /Volumes/HomeFolders/johnnybgood/Desktop
       sudo mv /OldFolderLocation/johnnybgood/Music/* /Volumes/HomeFolders/johnnybgood/Music
       ....etc....
       (notice how we are not just moving the old johnnybgood folder to the new location.)
3. Next, we change the ownership and file permissions:
       sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Documents
       sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Desktop
       sudo chown -R johnnybgood:staff /Volumes/HomeFolders/johnnybgood/Music
       ...etc...
       sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Documents
       sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Desktop
       sudo chmod -R 700 /Volumes/HomeFolders/johnnybgood/Music
       ...etc...
4. Let the user log in and use the system normally.

SSO2 Error = ERROR: PSE not found in database

Hello Gurus,
Need your help.
In SS02 in the directory below SAPSSO2000.pse is incorrect. This should point to /usr/sap/MQW/DVEBMGS04/sec/SAPSYS.pse and I am not sure how to correct it. Do I need to maintain a profile to do this.
Certificate List
The Certificate List Is Used To Verify the Digital Signature for the Logon Ticket
/usr/sap/MQW/DVEBMGS04/sec/SAPSSO2000.pse
As a remedy, i have created a soft link so it will still point to SAPSYS.pse but I am still having an error below.
Application server PSE:
ID:           CN=MPW
Namespace:
Profiles:     /usr/sap/MQW/DVEBMGS04/sec/SAPSSO2000.pse
OK: file available, length:      4.033
ERROR: PSE not found in database
Can anyone advise me what to do please? Thanks in advance!
Rachelle

Hi,
Is environment variable SECUDIR set ?
Thanks
Sunny

Constantly keep getting error 404, server not found

Very frequently I keep getting the error message 404, server not found. This problem mainly comes up after I have been on the computer for a while, and I leave the web site that I'm viewing on for some time. I then return to the computer some time later, and when I try to refresh the page to update the info on the page (example: a weather site or yahoo stock market info) I keep getting, 404 server not found. When I try the option: try again, it does nothing to solve the constant problem. The only way I can get back to the web site and see updated info is to start firefox in safe mode. And, that does solve the problem. But why does this problem keep constantly occurring. And, why do I have to constantly have to restart firefox in safe mode to get going again. It would seem firefox should recognize this issue and solve it. I'm using what I believe to be the latest version, 15. Can someone shed some light on this issue? I did not have this problem with my older computer and an old version of firefox, version 3.6. But, since getting a new computer and using a new version of firefox, version 15, this problem constantly appears. Can some one help? Thank you.

Which security software (firewall, anti-virus) do you have?
A possible cause is security software (firewall,anti-virus) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
Remove all rules for Firefox and the plugin-container from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
See:
*https://support.mozilla.org/kb/Server+not+found
*https://support.mozilla.org/kb/Firewalls
Do a malware check with some malware scanning programs on the Windows computer. 
You need to scan with all programs because each program detects different malware.
Make sure that you update each program to get the latest version of their databases before doing a scan.
*Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php
*SuperAntispyware: http://www.superantispyware.com/
*Microsoft Safety Scanner: http://www.microsoft.com/security/scanner/en-us/default.aspx
*Windows Defender: Home Page: http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
*Spybot Search & Destroy: http://www.safer-networking.org/en/index.html
*Kasperky Free Security Scan: http://www.kaspersky.com/security-scan
You can also do a check for a rootkit infection with TDSSKiller.
*http://support.kaspersky.com/viruses/solutions?qid=208280684
See also:
*"Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked

In Firefox, I keep getting "Server not found" error - CONSTANTLY!

Two days ago I started getting the "server not found" error, off and on, daily. It is happening on both my desktop iMac 10.7, and my Windows 7 laptop. I keep having to hit the "Try Again" butting, and sometimes, several times, before a web site will finally launch. The only two extensions I have on both, are the Adblock Plus and the Last Tab Close Button, both of which, have been installed on said computers for months and months and months.
I went in and changed a setting to the "auto detect proxy setting", hoping that would work, and it did not.
I have Firefox version 21 on both computers, and it seems the problem started shortly after this latest Firefox update, and at the SAME TIME on both computers.
I do not have virus protection on my iMac, nor on my Windows 7 laptop, at the moment, but I have run online software to check for anything, and no issues, so I believe, it is not that which is the issue.
The firewalls on both computers are working fine and no issues there either, I have not changed any firewall settings, on either computer. It couldn't be the firewall, in my opinion, because this annoying error message started happening on BOTH of my computers, at the same time; I work on my iMac in the morning, then switch to my laptop in the afternoon, and same issue continues on both, and started at the same time, on both.
Is there something broken in Firefox from this last update of the browser?
Does anyone have any suggestions as to why both computers are having this issue, at the same time?
I have not tried using I.E. yet on my laptop, I rarely have ever needed to use that browser, and I hate it, so I don't use it.
Any help or suggestions, would be appreciated.

I followed those steps, but clearly some steps are missing. How do you "enable each extension one at a time"? The only choices I see in Safe Mode are "disable" and "remove."
And why is it that every other update to Firefox breaks Firefox? I've had to install add-ons just to be able to use it in Windows 8 with a touchpad.
Now that I think of it, it doesn't even matter any more. After years of Firefox loyalty (even after Firefox users have dropped to 28%), I'm off to download Google Chrome (up to 52%). I'll miss Firefox, but not the on-again, off-again performance.

Have upgraded to 6.0.2 on my MacBook and get error message "Server Not Found" everytime i use Firefox; however, if i then click on my Gmail or other sites from bookmark toolbar it connects. means an extra step and that never happened before

when i first click on Firefox the URL: www.27yhbnhy6tfgvrbcfre3.com shows up and the error message "Server not Found". but i can connect to any website by just clicking on a bookmark from the toolbar (or typing in a url). this never happened with previous versions of Firefox

A possible cause is security software (firewall) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
See:
* https://support.mozilla.com/kb/Server+not+found
* https://support.mozilla.com/kb/Firewalls
Start Firefox in [[Safe Mode]] to check if one of the extensions is causing the problem (switch to the DEFAULT theme: Firefox (Tools) > Add-ons > Appearance/Themes).
*Don't make any changes on the Safe mode start window.
*https://support.mozilla.com/kb/Safe+Mode

GSSAPI Error: Server not found in Kerberos database

Similar Messages

Maybe you are looking for