SSSD user logins fail due to failed TGT validation
Issue
- Unable to login with SSSD configured using the AD provider
- Able to resolve AD Trust users in IDM but logins fail
- SSSD
/var/log/sssd/krb5_childerrors when attempting logins
[[sssd[krb5_child[4138]]]] [validate_tgt] (0x0020): TGT failed verification using key for [host/idmsystem.example.com@EXAMPLE.COM]
[[sssd[krb5_child[4138]]]] [get_and_save_tgt] (0x0020): 1240: [-1765328377][Server not found in Kerberos database]
[[sssd[krb5_child[4138]]]] [map_krb5_error] (0x0020): 1301: [-1765328377][Server not found in Kerberos database]
Environment
- Red Hat Enterprise Linux 7
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
