> So, to generalize, the mechanism level subcodes can always be taken as some failure in communicating with KDC, right? Yes, it can be always taken as something wrong in the Kerberos layer (not necessarily only KDC, could also be things such as bad enctypes in keytab, etc., but always Kerberos mechanism related) > I also see that despite this error, ZK does continue to function ... so is this error to be really treated seriously? Did a retry of the auth perhaps succeed? Its not normal for it to repeat the errors.
... View more
