Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Kerberos UDP to TCP reg switch?

Posted on 2008-10-17
2
Medium Priority
?
919 Views
Last Modified: 2008-11-23
I have a Domain Controller in another country that is connected to our Forest through a VPN Tunnel.

According to the Net guys their is lots of fragmentation due to going through multiple switches, TAC's exc.
I was told to change the Kerberos from UDP to TCP in the registry of our Domain Controllers

I understand basic concepts of UDP and TCP however, I don't know what unforseen issues Kerberos will have through the switch.

Can someone send me a link explaining the best practice for this change or at least a good site explaining how TCP/Kerberos works?
0
Comment
Question by:snyderkv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:snyderkv
ID: 22747443
A more important question is if we do end up needing this will I have to enable it via a GPolicy template on DC's only or all member servers? What if a DC does not have it will it still communicate?
0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 2000 total points
ID: 22756166
Well, what do you think of this article?
http://support.microsoft.com/kb/244474
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question