Log:
2019-08-28 08:28:59,395 INFO [qtp1010670443-3216:https://mail.example.com/service/spnego] [oip=10.3.1.156;ua=Mozilla/5.0 (Windows NT 10.0;; Win64;; x64;; rv:68.0) Gecko/20100101 Firefox/68.0;] account - spnego auth failed: system failure: no spnego user realm
2019-08-28 08:28:59,395 INFO [qtp1010670443-3216:https://mail.example.com/service/spnego] [oip=10.3.1.156;ua=Mozilla/5.0 (Windows NT 10.0;; Win64;; x64;; rv:68.0) Gecko/20100101 Firefox/68.0;] account - spnego auth failed: authentication failed for [], no principal
Settings
Code: Select all
$ zmprov gacf | grep Spnego
zimbraSpnegoAuthEnabled: TRUE
zimbraSpnegoAuthErrorURL: /?ignoreLoginURL=1
zimbraSpnegoAuthRealm: EXAMPLE.LOCAL
$ zmprov gs `zmhostname` | grep Spnego
zimbraSpnegoAuthPrincipal: HTTP/mail.example.com@EXAMPLE.LOCAL
zimbraSpnegoAuthTargetName: HTTP/mail.example.com
zmprov gd ft.by | grep Auth
zimbraAdminConsoleLDAPAuthEnabled: FALSE
zimbraAuthFallbackToLocal: TRUE
zimbraAuthKerberos5Realm: example.local
zimbraAuthLdapBindDn: %u@example.local
zimbraAuthLdapSearchBindDn: ldap@example.local
zimbraAuthLdapSearchBindPassword: ***************
zimbraAuthLdapURL: ldap://dc1.example.local:389 ldap://dc3.example.local:389
zimbraAuthMech: ad
zimbraAuthMechAdmin: ad
zimbraBasicAuthRealm: Zimbra
zimbraReverseProxyExternalRouteIncludeOriginalAuthusername: FALSE
$ ls -al /opt/zimbra/data/mailboxd/spnego/jetty.keytab
-rwxr-xr-x 1 zimbra zimbra 67 Jul 22 2016 /opt/zimbra/data/mailboxd/spnego/jetty.keytab