Solved

Kerberos UDP to TCP reg switch?

Posted on 2008-10-17
2
918 Views
Last Modified: 2008-11-23
I have a Domain Controller in another country that is connected to our Forest through a VPN Tunnel.

According to the Net guys their is lots of fragmentation due to going through multiple switches, TAC's exc.
I was told to change the Kerberos from UDP to TCP in the registry of our Domain Controllers

I understand basic concepts of UDP and TCP however, I don't know what unforseen issues Kerberos will have through the switch.

Can someone send me a link explaining the best practice for this change or at least a good site explaining how TCP/Kerberos works?
0
Comment
Question by:snyderkv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:snyderkv
ID: 22747443
A more important question is if we do end up needing this will I have to enable it via a GPolicy template on DC's only or all member servers? What if a DC does not have it will it still communicate?
0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 22756166
Well, what do you think of this article?
http://support.microsoft.com/kb/244474
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question