Good morning
We have recently patched our UAT from 9.0 to 9.1 () and suddenly we are getting what appears to be SPN issues.. and sandbox plugins have started to fail.. All errors point to the issue being related to the sandbox service account, which was happily running prior to the update and running perfectly fine in live with the same setup We are running in an NLB environment, 2 FE servers, full servers roles.
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server XXXXXXXXXX. The target name used was host/uat-XXXXXXXX. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server.
The SPNs we have previously set up appear to be correct.
Is this a bug in the patch or does anyone have any suggestions ?
Thanks
------------------------------
James Rees
Senior Systems Engineer
Liverpool
------------------------------