SSSD fails to authenticate Active Directory users with "TGS request result: Server not found in Kerberos database" error.
Issue
-
SSSD fails to authenticate Active Directory users with
TGS request result: Server not found in Kerberos database
error. -
The following symptoms have been observed during this time:
- id command produces expected results.
- getent passwd command produces expected results.
- kinit username command produces expected results.
-
However, ssh -l username domain command fails with the following error message in the logs:
[[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79104: Response was from master KDC [[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79162: TGS request result: -1765328377/Server not found in Kerberos database [[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79185: Requesting tickets for host/sssd-test.example.com@AD.EXAMPLE.COM, referrals off
Environment
- Red Hat Enterprise Linux 7.1.
- SSSD.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.