2005 3:20 PM
To: Smith, William E. (Bill), Jr.
Cc: Wyllys Ingersoll; kerberos@mit.edu
Subject: Re: Problems trying to authenticate Unix users via Active
Directory
Smith, William E. (Bill), Jr. wrote:
> I did notice that things seem to work properly in Solaris 10 and
> figured it mus
, August 29, 2005 10:10 AM
To: Smith, William E. (Bill), Jr.
Cc: kerberos@mit.edu
Subject: Re: Problems trying to authenticate Unix users via Active
Directory
Bill Smith wrote:
From what I've found, it seems to be an issue with the user being in
too
many AD groups, the Windows KDC wanti
-Original Message-
From: Wyllys Ingersoll [mailto:[EMAIL PROTECTED]
Sent: Monday, August 29, 2005 10:10 AM
To: Smith, William E. (Bill), Jr.
Cc: kerberos@mit.edu
Subject: Re: Problems trying to authenticate Unix users via Active
Directory
Bill Smith wrote:
>>From what I'v
Bill Smith wrote:
From what I've found, it seems to be an issue with the user being in too
many AD groups, the Windows KDC wanting to use TCP rather than UDP, and the
MIT version not supporting it. What I'm not certain on is whether is the
version shipped with Solaris 9 is MIT-based or someth
You must have migrated from AD 2000 to AD 2003. AD had to adjust with
migration from many NT domains to one so it kept the legacy group ID's
in the credentials even though there is now a concatenated group, just
in case there was a server out there that has yet to migrate
(SIDHistory). I've s
See
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/O
perations/3872f0d7-e4b3-49ed-9a4b-1fefbf0d4547.mspx
http://support.microsoft.com/?kbid=832572
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Bill Smith
Sent: Thursday, August 2
The registry key you mention is likely MaxPacketSize:
244474 How to force Kerberos to use TCP instead of UDP in Windows Server
2003,
http://support.microsoft.com/?id=244474
The default MaxPacketSize for Windows did change from Windows 2000 (2000
bytes) to Windows Server 2003 (1465 bytes). If you
