Bug ID 668532: Cached stale Kerberos tickets can cause auth failures.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
12.1.2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:

Opened: Jun 09, 2017

Severity: 3-Major


After an upgrade, an attempt is made to update/renew an expired Kerberos ticket, and if that does not occur; it will result in stale/old Kerberos ticket causing APM end users to experience failures in authentication.


APM end users experience authentication failures and loss of connectivity.


Kerberos tickets cannot be cleared and renewed.


Restart Kerberos Cache.

Fix Information

A button is provided to be able to clear Kerberos cache from GUI. Similarly there is an option provided to clear cache using TMSH, using the following command: tmsh modify active-directory ad-auth-server cleanup-cache kerberos

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips