Unable to join domain with a smart card (Kerberos succeeds) RRS feed

  • Question

  • I'm trying to join a Windows 10 machine to a Windows Server 2016 domain. I've added the root CA to the computer's 3rd party CA store, and Kerberos is not complaining. The error the UI gives is "User name or password incorrect," and the log shows 

    NetpLdapBind: ldap_bind failed on <snip>: 49: Invalid Credentials

    I have tried turning on X509Hints, and that did not make a difference.

    Friday, February 9, 2018 8:59 PM