2 Replies Latest reply on Oct 9, 2012 11:48 PM by Anurag Thalor

    Domain Authentication Failure - Message stream modified (41)

      Has anyone run accross this before?

       

      The below messages are what we see in the logs: (scrubbed for security)

      [09 Oct 2012 04:57:18,626] [Authentication-Service-Thread-2] [WARN] [::10.150.215.27] [Appserver] user@D1H12 cannot login, caught a login exception
      [09 Oct 2012 04:57:18,626] [Authentication-Service-Thread-2] [WARN] [::10.150.215.27] [Appserver] Authentication method in use is Domain Authentication.
      [09 Oct 2012 04:57:18,626] [Authentication-Service-Thread-2] [WARN] [::10.150.215.27] [Appserver] Possible configuration issue during login.
      [09 Oct 2012 04:57:18,626] [Authentication-Service-Thread-2] [WARN] [::10.150.215.27] [Appserver] Check configuration: C:\Program Files\BMC Software\BladeLogic\NSH\br\blappserv_krb5.conf
      [09 Oct 2012 04:57:18,626] [Authentication-Service-Thread-2] [WARN] [::10.150.215.27] [Appserver] Actual error returned from active directory: Message stream modified (41)
      [09 Oct 2012 04:57:18,642] [Authentication-Service-Thread-2] [INFO] [user@D9H11::10.150.215.27] [Appserver] user authentication failed: user@D1H12
      [09 Oct 2012 04:57:18,642] [Authentication-Service-Thread-2] [INFO] [user@D9H11::10.150.215.27] [Appserver] Authentication Connection closed

      Here is our krb5.conf file: (also scrubbed)

      [libdefaults]
      ticket_lifetime = 6000
      default_realm = D1H12
      default_tkt_enctypes = rc4-hmac
      default_tgs_enctypes = rc4-hmac
      [realms]
      D1H12 = {
      kdc = properhost1.properdomain.com:88
      kdc = properhost1.properdomain.com:88
      }
      [domain_realm]
      .d1h12 = D1H12

       

      Here's what we know so far:

      1. The user credentials are correct and are in BSA properly
      2. isDomainAuth is set to True
      3. We do have access to the domain servers from our app server on the correct ports

       

      Anybody seen this before or have any suggestions?