Issue

AD users are not able to ssh in to IPA client due to the error: "No principal matching host/ipa-client.example.edu@AD.EXAMPLE.EDU found in keytab" in krb5_child.log file .
id commands returns correct outputs.
AD users are able to ssh in to IPA server.

Following errors are seen in /var/log/sssd/krb5_child.logs

Trying to find principal host/ipa-client.example.edu@AD.EXAMPLE.EDU in keytab.
No principal matching host/ipa-client.example.edu@AD.EXAMPLE.EDU found in keytab.
find_principal_in_keytab failed for principal host/ipa-client.example.edu@AD.EXAMPLE.EDU.

klist -ket produced the following output :

keytab name: FILE:/etc/krb5.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (aes256-cts-hmac-sha1-96) 
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (aes128-cts-hmac-sha1-96) 
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (aes256-cts-hmac-sha384-192) 
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (aes128-cts-hmac-sha256-128) 
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (des3-cbc-sha1) 
   host/host/ipa-client.example.edu.au@AD.EXAMPLE.EDU (arcfour-hmac)

In the above output it was noticed ".au" is included in the domain section of the hostname which was incorrect.

nslookup's returned hostname with incorrect ".au"

#nslookup ipa-client.example.edu
Server:         130.x.x.x
Address:        130.x.x.x#53

Name:   ipa-client.example.edu
Address: 10.21.x.x

# nslookup 10.21.x.x
Server:         130.x.x.x
Address:        130.x.x.x#53

197.x.x.x.in-addr.arpa      name =  ipa-client.example.edu.au.