Can't login to the AD user account after creating user keytab from Active Directory ?

Solution Verified - Updated -

Issue

Can't login to the AD user account after creating user keytab from Active Directory ?

Used the following commands to create the keytab :

ktpass.exe /out sa-samba.keytab -princ sa-samba@EXAMPLE.COM +rndPass /mapuser EXAMPLE\sa-samba /crypto all /ptype KRB5_NT_PRINCIPAL

--snip output --

WARNING: Unable to set SPN mapping data.
If sa-samba already has an SPN mapping installed for sa-samba, this is no cause
for concern.
Password successfully set!
Key created.
Key created.
Key created.
Key created.
Key created.
Output keytab to sa-samba.keytab:
Keytab version: 0x502

It appears running the command above resets the user password. After resetting the user password again , able to login.

Environment

Red Hat enterprise Linux 6
Red Hat enterprise Linux 7
SSSD
Active Driectory

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.