SK0-005 · Question #272
SK0-005 Question #272: Real Exam Question with Answer & Explanation
The correct answer is C: The system clock is off by more than five minutes.. Kerberos is a network authentication protocol that uses tickets to allow clients and servers to prove their identity to each other. Kerberos relies on accurate time synchronization between the parties involved, as the tickets have expiration dates and timestamps. If the system cl
Question
A technician learns users are unable to log in to a Linux server with known-working LDAP credentials. The technician logs in to the server with a local account and confirms the system is functional, can communicate over the network, and is configured correctly. However, the server log has entries regarding Kerberos errors. Which of the following is the MOST likely source of the issue?
Options
- AA local firewall is blocking authentication requests.
- BThe users have expired passwords.
- CThe system clock is off by more than five minutes.
- DThe server has no access to the LDAP host.
Explanation
Kerberos is a network authentication protocol that uses tickets to allow clients and servers to prove their identity to each other. Kerberos relies on accurate time synchronization between the parties involved, as the tickets have expiration dates and timestamps. If the system clock of a Linux server is off by more than five minutes from the LDAP server or the domain controller, the Kerberos authentication will fail and generate errors. A local firewall is unlikely to block authentication requests if the server can communicate over the network and is configured correctly. The users' passwords are not relevant if they are known-working LDAP credentials. The server has access to the LDAP host if it can communicate over the network and is configured
Topics
Community Discussion
No community discussion yet for this question.