"The user name could not be found" when connecting to windows as AD user

[sed909]

Hello, I just started using teleport and wanted to make login in windows machines using AD. I have configured anything like it was in documentation, but when I connect to windows I get this

Teleport and AD are properly configured and teleport is connecting to AD, judging by these logs

[WINDOWS_D] querying LDAP for objectSid of Windows username "USER" with filter (&(sAMAccountType=123)(sAMAccountName=USER)) pid:47391.1 desktop/windows_server.go:1179
[WINDOWS_D] TDP input streaming starting client-ip:CLIENT_IP desktop-addr:DESKTOP_IP:3389 desktop-name:DESKTOP_NAME pid:47391.1 rdp-addr:DESKTOP_IP:3389 rdpclient/client.go:364
[WINDOWS_D] Found objectSid S-123-123-123 for Windows username USER pid:47391.1 desktop/windows_server.go:1201

Also, if I login using username that is not in AD, I get error that there's no such user from teleport, so it properly communicating with AD server. In windows events there is only one error

Description:
An account failed to log on.

Subject:
Security ID: SYSTEM
Account Name: name
Account Domain: domain
Logon ID: 0x3E7

Logon Type: 10

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: user
Account Domain: domain

So the main problem is with NULL SID. I tried everything and cant figure out why I cant connect to server, please help.

[stevenGravy]

This appears to have the Teleport Windows auth package installed. That should not be installed if you are going to be doing domain authentication connections. You should do either domain or local connections, not both.

[webvictim]

FYI you can uninstall the Windows auth package by re-running the installer binary and choosing the uninstall option.