Hi,
this patch should fix
https://fedorahosted.org/sssd/ticket/1921 . IF
enterprise principals are used the principal returned duing the kinit
process will most certainly look different then the one we guess or read
from LDAP attributes. This means we should always update our cache with
the new value so the e.g. we can properly parse the credential cache.
Initially I have seen validation failures, but currently I cannot
reproduce them anymore.
bye,
Sumit