SSSD user logins fail due to failed TGT validation

Solution In Progress - Updated -

Issue

  • Unable to login with SSSD configured using the AD provider
  • Able to resolve AD Trust users in IDM but logins fail
  • SSSD /var/log/sssd/krb5_child errors when attempting logins
[[sssd[krb5_child[4138]]]] [validate_tgt] (0x0020): TGT failed verification using key for [host/idmsystem.example.com@EXAMPLE.COM]
[[sssd[krb5_child[4138]]]] [get_and_save_tgt] (0x0020): 1240: [-1765328377][Server not found in Kerberos database]
[[sssd[krb5_child[4138]]]] [map_krb5_error] (0x0020): 1301: [-1765328377][Server not found in Kerberos database]

Environment

  • Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.