tests: ensure AD-SUPPORT subpolicy is active
    
    Use AD-SUPPORT subpolicy when testing trust to Active Directory in FIPS
    mode. This is required in FIPS mode due to AD not supporting Kerberos
    AES-bases encryption types using FIPS-compliant PBKDF2 and KDF, as
    defined in RFC 8009.
    
    Fixes: https://pagure.io/freeipa/issue/9119
    
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    Reviewed-By: Julien Rische <jrische@redhat.com>
    Reviewed-By: Francisco Trivino <ftrivino@redhat.com>