Powershell plugin, Kerbros Authentication and a "Server not found in Kerberos database" error

Hi,

I have set up VCO to use kerberos for adding a powershell host before.

It works great.

I had to set up a second VCO instance to be able to talk to some clients behind a firewall via SSH and powershell. The "regular" VCO instance can't talk to these clients becuase opening ports for the working VCO is not an option.

SO, the workaround was, I set up another vco instance, got it added via the multi-node plugin, etc..

The issue came when I tried to add a server as a powershell host. I copied and pasted the krb5.conf file from the working VCO.

Everything is in the same domain as the "working" VCO/powershell host.

When I try to add the troublesome host I get the following error:

Workflow execution stack:

***

item: 'Add a PowerShell host/item8', state: 'failed', business state: 'null', exception: 'No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))) (Dynamic Script Module name : addPowerShellHost#19)'

workflow: 'Add a PowerShell host' (EF8180808080808080808080808080803D80808001270557368849c62c352aa82)

|  'attribute': name=errorCode type=string value=No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))) (Dynamic Script Module name : addPowerShellHost#19)

|  'attribute': name=sslUrl type=string value=https://powershellhost.fnal.gov:5986/wsman/

|  'input': name=name type=string value=powershellhost

|  'input': name=type type=string value=WinRM

|  'input': name=transportProtocol type=string value=HTTPS

|  'input': name=port type=string value=5986

|  'input': name=hostName type=string value=powershellhost.domain.com

|  'input': name=username type=string value=username@subdomain.domain.com

|  'input': name=password type=SecureString value=__NULL__

|  'input': name=sessionMode type=string value=Shared Session

|  'input': name=authentication type=string value=Kerberos

|  'input': name=acceptAllCertificates type=boolean value=true

|  'input': name=shellCodePage type=string value=IBM437

|  'output': name=host type=PowerShell:PowerShellHost value=null

*** End of execution stack.

I have consulted The Great Oracle (google), and what it told me was that this is usually a DNS issue, but I have checked my DNS, and I can resolve the hostname, as well as all the KDCs.

I have looked at the firewall activity, and can see the VCO server talking to the KDC on port 88, the DNS servers on 53, the Powershell Host on 5986. I dont think it's a Firewall issue.

If anyone has any ideas, I'd appreciate it.

Jason