IPA-AD Trust user fails to authenticate with error message "Decrypt integrity check failed"
Issue
- IPA-AD Trust user fails to authenticate during the first password attempt but succeeds the second or third time the password is entered.
- A cross-forest trust is established between two AD domains
example.com
andtest.com
. - A user from the AD trusted domain
user@test.com
is not able to authenticate against servers on test.com
Environment
- Red Hat Enterprise Linux 7.x
- SSSD 1.16
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.