SSSD user logins fail due to failed TGT validation

Solution In Progress - Updated -

Issue

  • Unable to login with SSSD configured using the AD provider
  • Able to resolve AD Trust users in IDM but logins fail
  • SSSD /var/log/sssd/krb5_child errors when attempting logins
[[sssd[krb5_child[4138]]]] [validate_tgt] (0x0020): TGT failed verification using key for [host/idmsystem.example.com@EXAMPLE.COM]
[[sssd[krb5_child[4138]]]] [get_and_save_tgt] (0x0020): 1240: [-1765328377][Server not found in Kerberos database]
[[sssd[krb5_child[4138]]]] [map_krb5_error] (0x0020): 1301: [-1765328377][Server not found in Kerberos database]

Environment

  • Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In