Help interpreting wireshark traces

[Rick van Rein]

Hi Lars,

Disclaiming any experience with AD; but this sounds like the domain join
might have replaced the keytab that held the old service ticket, or perhaps
it is now unreachable because AD has renamed the realm.

SASL traces should be visible, at least if you’re not running inside TLS, which
is not necessary for GSS-API (but it is for data privacy since SASL apps usually
don’t use the C_Wrap() facilities).

I hope this helps!

-Rick