Can you post the output of "ls /etc/security/keytabs" here. Along with the component that is part of cluster and fails to start ?
My suspect is that we should not put anything in "Principal Suffix" parameter filed when the keytab is created for any service. As, that adds cluster name into the keytab principle where as the service only looks by the username of respective service.
Could you please share more details for this issue about how you are able to fix this.
We are also facing similar issue with Ranger KMS service.
RangerKMS Principal is created in AD KDC, Also Keytab creation is success according to Ambari Server log, but it's not distributed to RangerKMS service hosted node. Due to this service is not starting up.