Kerberos: can't get S4U2Self ticket for user firstname.lastname@example.org - TGT has been revoked (-176532836)
We have SSO Mapping with Cross Relam authentication configured and for few of the user SSO Mapping is working for the few users which are part of Local domain : xyz.com and delgation account and Application domain is 123.com.
Users from 123.com are not facing any issues. When we have checked session logs of the user it was identifed that for users who are facing the problem error is : Kerberos: can't get S4U2Self ticket for user email@example.com - TGT has been revoked (-176532836).
We are not able understand wether it is the user TGT ticket or delegation account http/bigip.123.com ticket.
Please suggest your opion for this.
We have also taken tcp dum and in tcp dump and as per TCP every time UDP packet is fragmented we are getting TGT revoked error