SSSD fails to authenticate Active Directory users with "TGS request result: Server not found in Kerberos database" error.
Issue
-
SSSD fails to authenticate Active Directory users with
TGS request result: Server not found in Kerberos databaseerror. -
The following symptoms have been observed during this time:
- id command produces expected results.
- getent passwd command produces expected results.
- kinit username command produces expected results.
- However, ssh -l username domain command fails with the following error message in the logs:
(Tue Nov 3 10:47:13 2015) [[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79104: Response was from master KDC
(Tue Nov 3 10:47:13 2015) [[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79162: TGS request result: -1765328377/Server not found in Kerberos database
(Tue Nov 3 10:47:13 2015) [[sssd[krb5_child[31025]]]] [sss_child_krb5_trace_cb] (0x4000): [31025] 1446518833.79185: Requesting tickets for host/sssd-test.example.com@AD.EXAMPLE.COM, referrals off
Environment
- Red Hat Enterprise Linux 7.1
- SSSD 1.12
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
