[OpenAFS] Kerberos Ticket Sizes when using AD as the KDC and
OpenAFS
ted creedon
tcreedon@easystreet.com
Thu, 26 Jan 2006 11:35:04 -0800
What happens to non service tickets?
tedc
Douglas E. Engert wrote:
> From the article:
>
> "New resolution for problems that occur when users belong to many groups"
> http://support.microsoft.com/?kbid=327825
>
> It looks like XP and W2003 no longer have a max_token_size limit, and
> thus
> the size of a ticket could now be above 12,000 bytes.
>
> So for any sites that use Active Directory as the KDC and OpenAFS,
> keep this folloeing option in mind for the afs/cell@realm principal
>
> "An update is available that introduces the NO_AUTH_REQUIRED flag to
> the UserAccountControl property in Windows Server 2003 and in Windows
> 2000"
> http://support.microsoft.com/kb/832572
>
>