Can't login to the AD user account after creating user keytab from Active Directory ?

Solution Verified - Updated -

Issue

Can't login to the AD user account after creating user keytab from Active Directory ?

Used the following commands to create the keytab :

ktpass.exe /out sa-samba.keytab -princ sa-samba@EXAMPLE.COM +rndPass /mapuser EXAMPLE\sa-samba /crypto all /ptype KRB5_NT_PRINCIPAL

--snip output --

WARNING: Unable to set SPN mapping data.
If sa-samba already has an SPN mapping installed for sa-samba, this is no cause
for concern.
Password successfully set!
Key created.
Key created.
Key created.
Key created.
Key created.
Output keytab to sa-samba.keytab:
Keytab version: 0x502

It appears running the command above resets the user password. After resetting the user password again , able to login.

Environment

Red Hat enterprise Linux 6
Red Hat enterprise Linux 7
SSSD
Active Driectory

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content