Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
13.1.0
Opened: Jun 09, 2017 Severity: 3-Major
After an upgrade, an attempt is made to update/renew an expired Kerberos ticket, and if that does not occur; it will result in stale/old Kerberos ticket causing APM end users to experience failures in authentication.
APM end users experience authentication failures and loss of connectivity.
Kerberos tickets cannot be cleared and renewed.
Restart Kerberos Cache.
A button is provided to be able to clear Kerberos cache from GUI. Similarly there is an option provided to clear cache using TMSH, using the following command: tmsh modify active-directory ad-auth-server cleanup-cache kerberos