Help
FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
okhatab
Staff
Staff

Created on ‎12-12-2024 06:59 AM

Article Id 364340

Technical Tip: How to use krb_test tool on FortiADC

Description This article describes how to use the krb_test tool for Kerberos authentication testing and troubleshooting purposes on FortiADC using the CLI.
Scope FortiADC.
Solution
  1. Enter the command below to clear credential cache and keytab:

 

diagnose system krb_test -d

Cleared!

 

  1. Modify the command below using the required data before testing:

 

diagnose system krb_test s <SPN> -u <UPN> -n <delegator principal name> -p <delegator password>

 

For example: the command output below indicates an incorrect delegator account password has been used.

 

diagnose system krb_test -s http/www218.example.test@EXAMPLE.TEST -u adclocal2@EXAMPLE.TEST -n host/proxyadmin@EXAMPLE.TEST -p fortinet
== Initialize Kerberos context ==
== TKT status 0 ==
line: 837 errcode(-1765328360) Preauthentication failed
== KRB AS Failed ==

See the FortiADC administration guide for more information.
Labels:
720
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.