FIX: "No valid credentials provided" occurs after you restart PolyBase in SQL Server 2016 and 2017

Applies to: SQL Server 2017 on Windows (all editions)SQL Server 2016 DeveloperSQL Server 2016 Enterprise


Assume that you use SQL Server 2016 or 2017. When you query data in encryption zone by using Hadoop, everything works successfully. However, after around 10 hours, the query fails and generates the following error message in Dms_polybase.log. Although the issue can be resolved if you restart the PolyBaseservices, the query may fail again after 10 hours. GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt).


The issue occurs because PolyBase does notautomatically renew the Kerberos ticket granting ticket (tgt). The ticket expires 10 hours after creation.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. 


This issue is fixed in the following cumulative updates for SQL Server:

About cumulative updates for SQL Server:

Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:


Learn about the terminology that Microsoft uses to describe software updates.