The following error is returned during a login attempt. The user cannot authenticate.
This issue typically occurs because there is an issue with the user's Kerberos cache file. There will be events like the following in the lsass debug log file.
6.1/src/linux/lsass/server/api/auth.c:174] Failed to authenticate user (name = 'username') -> error = 41931, symbol = LW_ERROR_KRB5_CC_NOMEM, client pid = -1 6.1/src/linux/lwadvapi/threaded/lwkrb5.c:613] KRB5 Error code: -1765328186 (Message: No more memory to allocate (in credentials cache code))
In this particular case, there was an old /tmp/krb5cc_<uid> Kerberos cache file for the user. Once the file was deleted, the user could authenticate and a new Kerberos cache file was created with the new UID.
Delete the /tmp/krb5cc_<uid> file. Attempt to authenticate and the user should be allowed in.