I have a Domain Controller in another country that is connected to our Forest through a VPN Tunnel.
According to the Net guys their is lots of fragmentation due to going through multiple switches, TAC's exc.
I was told to change the Kerberos from UDP to TCP in the registry of our Domain Controllers
I understand basic concepts of UDP and TCP however, I don't know what unforseen issues Kerberos will have through the switch.
Can someone send me a link explaining the best practice for this change or at least a good site explaining how TCP/Kerberos works?