CompTIA Server+ (SK0-005) — Question 112

A technician learns users are unable to log in to a Linux server with known-working LDAP credentials. The technician logs in to the server with a local account and confirms the system is functional, can communicate over the network, and is configured correctly. However, the server log has entries regarding Kerberos errors.

Which of the following is the MOST likely source of the issue?

Answer options

• A. A local firewall is blocking authentication requests.
• B. The users have expired passwords.
• C. The system clock is off by more than five minutes.
• D. The server has no access to the LDAP host.

Correct answer: C

Explanation

The correct answer is C because Kerberos authentication is time-sensitive and requires that the system clocks of the client and server be synchronized within a five-minute window. If the clock is not accurate, authentication requests will fail. The other options may cause issues but are less likely given the specific context of Kerberos errors in the logs.