AD authentication failing on Enforce

All Enforce portal users are unable to login. Enforce is configured to use AD authentication.

Users can verify their password are correct.

Wireshark network capture shows the AD server is responding with "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN" error.

The "KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN" means that the AD DC server is unable to find the ad user in their database.

To resolve this issue, we can reconfigure the krb5.ini in the enforce server to add a different AD DC server and work with the AD team to resolve the authentication issue with the problem DC.