Lexmark X864 PKI-Enabled Device Installation and Configuration Guide - Page 24

"Realm on the card was not found in the Kerberos Configuration File" error message This error occurs during SmartCard login. The PKI Authentication solution settings do not support multiple Kerberos Realm entries. If multiple realms are needed, you must create and upload a krbf5.conf file, containing the needed realms. If you are already using a Kerberos configuration file, verify that the missing realm has been correctly added to the file. "Client [NAME] unknown" error message This error indicates the KDC being used to authenticate the user does not recognize the User Principle Name specified in the error message 1 From the Embedded Web Server, click Settings > Embedded Solutions > PKI Authentication >Configure. 2 If the Simple Kerberos Setup has been configured in PKI Authentication, verify that the IP address or hostname of the Domain Controller is correct. 3 If you are using a Kerberos configuration file, verify that the Domain Controller entry is correct. Login hangs for a long time at "Getting User Info..." For information about LDAP-related issues, see "LDAP issues" on page 24. User is logged out almost immediately after logging in Try increasing the Panel Login Timeout interval: 1 From the Embedded Web Server, click Settings > Security > Miscellaneous Security Settings > Login Restrictions. 2 Increase the time (in seconds) of the Panel Login Timeout. LDAP issues LDAP lookups take a long time, and then may or may not work This normally occurs either during login (at "Getting User Info"), or during address book searches. PORT 389 (NON-SSL) OR PORT 636 (SSL) IS BLOCKED BY A FIREWALL These ports are used by the printer to communicate with the LDAP server, and must be open in order for LDAP lookups to work. Troubleshooting 24