IBM Java 1.4.2 Kerberos over TCP

Pittman Daniel E Jr Civ 96 CG/SCTOA daniel.pittman at
Mon Oct 18 11:43:53 EDT 2004

Hello, I am trying to connect to an AD 2003 server, and am encountering the
following error

After doing some research, I have found this is related to a problem which
occurs when a UDP packet is too large. UDP seems to be the only connection
protocol supported in IBM's implementation of the Kerberos/JAAS
authentication schemes, could you please verify this information? It would
be very helpful if there were a way to connect to an AD controller via TCP.
I have already tried adding the line  udp_preference_limit = 1 to my
krb5.conf file, and it seems to be ignored by the IBM implementation. I
would use the Sun implementation which does now support TCP, but that
solution is also equally filled with problems for me as it does not support
the RC4/HMAC encryption scheme that my current situation is forcing me to
use. Thanks in advance for any help you can provide. 

Daniel E. Pittman, Jr
Phone: (850) 882-5498

More information about the Kerberos mailing list