When I try to do a su [email protected] i get a user does not exist message. [email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

1. I have MIT KDC on centos 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
2. On centos I did "realm join ADREALM.COM" which gave * Successfully enrolled machine in realm. I can see the centos hostname in Active Directory Computers container.
3. But I cannot login to the centos server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue? Thanks!!