krb5 "Error Code 52" - UDP packet size - TCP fallback

Uli uli.schroeder at
Fri Jun 6 14:24:42 EDT 2003

Hi folks,

I have a problem authenticating my RedHat 9 against Active Directory. 
I'm running the MIT implementation of kerberos.

When I run kinit for my testuser it works fine. The testuser ist just a 
member of the domain with read access to the directory. No other groups 
or permissions. When I try to do a kinit for my own account with all its 
group memberships, etc., I just get the error code 52. I read on the 
internet that this is because the Windows 2000 server switches from UDP 
to TCP if the maximum packet size is exceeded. I think this happens with 
all my "normal" users.

It seems like a lot of people managed to authenticate against AD. 
Maybesomeone can help me with this problem and tell me how he solved it.

Thanks in advance.


More information about the Kerberos mailing list