Resolution

Verify that the information within ExecuTime for the Key Distribution Center and Realm is accurate.

Login to the application, and navigate to System Admin > UI Environment Flags > Login Configuration
Under Kerberos v5, verify the Key Distribution Center IP Address and Realm is correct.
1. If the Key Distribution Center field has the incorrect IP Address, update the field with the correct information.
  1. On the ExecuTime application server, check if you can ping the IP or name that is entered in ExecuTime for the Key Distribution Center
    1. Note: If the application server can't see the DC, all users who are Kerberos authenticated will be affected
2. If the Realm field is incorrect, update the field with the correct information.
  1. The Realm can be determined from any workstation by echoing the value of %USERDNSDOMAIN% from the DOS command line prompt on your domain.
    1. Open a Windows Command Prompt by selecting Start and typing Command Prompt
    2. The Command Prompt will open, then type echo %USERDNSDOMAIN% and press Enter
    3. The value returned is the Realm that should be entered into the Realm field in the application
3. Changes won't take effect until the ExecuTime service is restarted - How to restart the ExecuTime Service - OnPrem

Check if the time on the ExecuTime application server, and the client PC is in sync with the time on the Domain Controller.

The DC being referenced isn't syncing properly. DC changes can take a while to propagate throughout one's infrastructure can cause login issues if changes have yet to be synced.

Browser not supported