Error
Error Code:
2067
MySQL Error 2067: SSO Kerberos User Not Found
Description
This error indicates that MySQL, when configured for Kerberos-based Single Sign-On (SSO), failed to find or authenticate the connecting user via the Kerberos Key Distribution Center (KDC). It typically occurs during client connection attempts when the Kerberos principal for the user is missing or misconfigured.
Error Message
SSO user not found, Please perform SSO authentication using kerberos.
Known Causes
4 known causesMissing Kerberos User Principal
The user account attempting to connect to MySQL does not exist as a principal in the configured Kerberos Key Distribution Center (KDC).
Incorrect Kerberos Principal Name
The client is attempting to authenticate with a Kerberos principal name that does not match the expected format or the principal registered for the user.
Kerberos Configuration Mismatch
There are misconfigurations in the Kerberos client (e.g., krb5.conf) or server settings that prevent proper authentication and user lookup.
Server Keytab File Issues
The MySQL server's Kerberos keytab file (e.g., mysql.keytab) is missing, corrupted, or has incorrect permissions, preventing it from validating user principals.
Solutions
Coming SoonDetailed step-by-step solutions for this error are being prepared. In the meantime, try these general troubleshooting tips:
General Troubleshooting Tips
- Check the error message carefully for specific details
- Review recent changes that might have caused the error
- Search for the exact error code in the official documentation
- Check log files for additional context
- Try restarting the application or service