[OpenAFS] Kerberos Ticket Sizes when using AD as the KDC and
Thu, 26 Jan 2006 11:35:04 -0800
What happens to non service tickets?
Douglas E. Engert wrote:
> From the article:
> "New resolution for problems that occur when users belong to many groups"
> It looks like XP and W2003 no longer have a max_token_size limit, and
> the size of a ticket could now be above 12,000 bytes.
> So for any sites that use Active Directory as the KDC and OpenAFS,
> keep this folloeing option in mind for the afs/cell@realm principal
> "An update is available that introduces the NO_AUTH_REQUIRED flag to
> the UserAccountControl property in Windows Server 2003 and in Windows