Jeffrey Altman wrote:
Douglas E. Engert wrote:
If its the large ticket problem, there is a way to tell AD that the service
ticket for AFS does not need a PAC, thus reducing the size from maybe
12k to
less then 500 bytes.
See: http://support.microsoft.com/kb/305144
And this which adds the NO_AUTH_DATA_REQUIRED
http://support.microsoft.com/kb/832572
Your admin can set NO_AUTH_DATA_REQUIRED on the afs service account in AD.
This only works if the afs service ticket is being served by AD. It
does not work if cross-realm is being used to access an afs service
ticket from a MIT/Heimdal realm. There is no method to remove the PAC
from a cross-realm tgt.
Yes, but the TGT is not send via rx over UDP, only the service ticket which
appears
to be the issue. So you comments on the src/util not being built correctly or
the rxmaxmtu might solve the problem too.
Jeffrey Altman
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
--
Douglas E. Engert <[email protected]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
