Centos 8 Cannot login with Active Directory users — cannot set groups: Invalid argument

this is my centos version:

cat /etc/redhat-release
CentOS Linux release 8.5.2111

this is my environment:

# realm list
  type: kerberos
  realm-name: TO******.TECH
  domain-name: to******.tech
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  required-package: oddjob
  required-package: oddjob-mkhomedir
  required-package: sssd
  required-package: adcli
  required-package: samba-common-tools
  login-formats: %U@to******.tech
  login-policy: allow-permitted-logins
  permitted-logins: wuzhouquan@to******.tech
 id wuzhouquan@to******.tech
uid=29******8(wuzhouquan@to******.tech) gid=29******3(domain users@to******.tech)

when i login with ad user:

su - wuzhouquan@to******.tech

there is error code

su: cannot set groups: Invalid argument

Read more here: Source link