KfW 3.2.2 - use_dns_lookup not using DNS responses on Win 7

[Billy Beaudoin]

I suspect this is something broken in our setup, and likely not an issue with KfW itself, but I've exhausted just about everything I know trying to figure this one out, so I'm sending it to the list and hoping someone's already hit this one.
 
Using KfW 3.2.2 (w/ OpenAFS 1.5.68) on Win 7 (64 or 32), when setting use_dns_lookup=1, I get a KDC not found error.  Specifying a KDC works fine.  Doing a packet capture, I can see that it is actually doing the DNS lookup and gets back the correct information.   Its looking for both the UDP and TCP records (we only use UDP), and getting back correct UDP info, Its just not actually using it when it gets back.
 
We're running an AD and doing GPO deployment of the package so it should be consistent, and all of the XP/Vista boxes are happy.  We are making use of the MS EC WSSG policies with some tweaks, but we've not found any settings that seem to make a bit of difference (enabling/disabling packet signing, disabling IPv6, etc.).  Process Monitor from Sysinternals isn't giving me anything useful, and the logging from KfW isn't either.
 
So here's to hoping someone's already run into this and can point me in the right direction.
 
 
 
Billy Beaudoin
ITECS Systems
NC State University