#3252 IPA WebUI login for AD Trusted User fails
Closed: Fixed None Opened 11 years ago by dpal.

https://bugzilla.redhat.com/show_bug.cgi?id=875261 (Red Hat Enterprise Linux 6)

Provide a nice error message when a user from AD tries to access the web UI.

============================

Description of problem:

Attempts to log into the IPA WebUI with an AD Trusted user fail.

Version-Release number of selected component (if applicable):
ipa-server-3.0.0-106.20121026T1837zgitf14dd98.el6.x86_64
sssd-1.9.90-0.el6.x86_64
httpd-2.2.15-22.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1.  Set up IPA Master
2.  Set up AD Trust and create user on AD side
3.  Attempt to log into WebUI with AD user adtestuser@addomain.com

Actual results:
fails:

And I see this in /var/log/httpd/error_log:

[Thu Nov 01 10:42:18 2012] [error] ipa: INFO: *** PROCESS START ***
[Thu Nov 01 10:46:35 2012] [error] ipa: INFO: 401 Unauthorized: kinit: Client
'adtestuser1@TESTRELM.COM' not found in Kerberos database while getting initial
credentials
[Thu Nov 01 10:46:35 2012] [error]
[Thu Nov 01 10:47:02 2012] [error] [client 192.168.122.23]
gss_accept_sec_context() failed: No credentials were supplied, or the
credentials were unavailable or inaccessible (, Unknown error), referer:
https://rhel6-1.testrelm.com/ipa/ui/index.html
[Thu Nov 01 10:47:46 2012] [error] ipa: INFO: 401 Unauthorized: kinit:
Malformed representation of principal when parsing name
adtestuser1@adtestdom.com@TESTRELM.COM
[Thu Nov 01 10:47:46 2012] [error]
[Thu Nov 01 10:49:45 2012] [error] ipa: INFO: 401 Unauthorized: kinit: Client
'ADTESTDOMadtestuser1@TESTRELM.COM' not found in Kerberos database while
getting initial credentials

Expected results:
Can log in as with a normal IPA user.

Web UI changes:

- master: 8d892f442f27026ac7195f6d9720b6da046ff477 Better error message for login of users from other realms
- ipa-3-0: 30137fe5167c9548ed58addece4bb394807508ec Better error message for login of users from other realms
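
A triage sketch for the three kinit failures in the log above, added here as an example and not FreeIPA code: it recovers what was typed into the login form and flags names that belong to another realm rather than to an unknown local user. The realm TESTRELM.COM comes from the log; the trusted NetBIOS name ADTESTDOM and the function names are assumptions.

```python
import re

# kinit failures as written to httpd's error_log by the IPA login handler.
KINIT_RE = re.compile(
    r"ipa: INFO: 401 Unauthorized: kinit: (?:"
    r"Client '(?P<unknown>[^']+)' not found in Kerberos database"
    r"|Malformed representation of principal when parsing name (?P<bad>\S+))"
)

def classify(line, local_realm, trusted_netbios=()):
    """Return (category, typed_login) for a kinit failure line, else None."""
    m = KINIT_RE.search(line)
    if m is None:
        return None
    principal = m.group("unknown") or m.group("bad")
    suffix = "@" + local_realm
    # The log shows the local realm appended to the login; strip it again.
    typed = principal[:-len(suffix)] if principal.endswith(suffix) else principal
    if "@" in typed:
        # user@other.domain plus the local realm gives two '@': unparsable.
        return ("foreign-realm", typed)
    for nb in trusted_netbios:
        # NetBIOS-style DOMAIN\user; the separator is absent in the logged name.
        if len(typed) > len(nb) and typed.upper().startswith(nb.upper()):
            return ("foreign-realm", typed)
    return ("unknown-principal", typed)

def triage(lines, local_realm, trusted_netbios=()):
    """Classify every kinit failure in an iterable of error_log lines."""
    results = (classify(l, local_realm, trusted_netbios) for l in lines)
    return [r for r in results if r is not None]

# Entries from the error_log excerpt above, unwrapped to one per line.
SAMPLE = [
    "[Thu Nov 01 10:42:18 2012] [error] ipa: INFO: *** PROCESS START ***",
    "[Thu Nov 01 10:46:35 2012] [error] ipa: INFO: 401 Unauthorized: kinit: Client 'adtestuser1@TESTRELM.COM' not found in Kerberos database while getting initial credentials",
    "[Thu Nov 01 10:47:46 2012] [error] ipa: INFO: 401 Unauthorized: kinit: Malformed representation of principal when parsing name adtestuser1@adtestdom.com@TESTRELM.COM",
    "[Thu Nov 01 10:49:45 2012] [error] ipa: INFO: 401 Unauthorized: kinit: Client 'ADTESTDOMadtestuser1@TESTRELM.COM' not found in Kerberos database while getting initial credentials",
]

if __name__ == "__main__":
    # ADTESTDOM as the trusted domain's NetBIOS name is an assumption.
    for category, typed in triage(SAMPLE, "TESTRELM.COM", ["ADTESTDOM"]):
        print(f"{category:18} {typed}")
```

A bare login such as `adtestuser1` cannot be told apart from a mistyped local account from the log alone, so it stays in the `unknown-principal` bucket.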

Metadata Update from @dpal:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 3.0.2

7 years ago
