Hello, I encountered an issue with Windows10 integration with FreeIPA server where at
desktop login it says, user name or password is incorrect. RDP session is successful but
login to the desktop fails with user name or password is incorrect. The windows client has
successfully joined the FreeIPA server. IPA server is also the DNS server. The same user
can login linux IPA client successfully.
krb5 log shows (the last line)-
Jun 12 14:01:29
ipa-server.dc1.abc.com krb5kdc[11611](info): TGS_REQ (5 etypes
{aes256-cts-hmac-sha1-96(18), aes128-cts-hmac-sha1-96(17), DEPRECATED:arcfour-hmac(23),
DEPRECATED:arcfour-hmac-exp(24), UNSUPPORTED:(-135)}) 10.2.1.23: ISSUE: authtime
1686603689, etypes {rep=aes256-cts-hmac-sha1-96(18), tkt=aes256-cts-hmac-sha1-96(18),
ses=aes256-cts-hmac-sha1-96(18)}, test(a)DC1.ABC.COM for
host/desktop-client.dc1.abc.com(a)DC1.ABC.COM
I followed the steps from
https://www.freeipa.org/page/Windows_authentication_against_FreeIPA and
https://www.rootusers.com/how-to-login-to-windows-with-a-freeipa-account/...
but desktop login failed. Any suggestion is appreciated.