Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1174
Views
0
Helpful
1
Replies

Active Directory Login Issue

jpannorfi
Level 1
Level 1

‎07-11-2011 11:12 AM - edited ‎03-07-2019 01:10 AM

KRB Error: KRB5Krb_ERR_RESPONSE_TOO_BIG

Looking online I see that the explanation for this error is as follows: The server response is too big for a UDP packet.

This can occur when the user is in a large number of AD groups and the UDP packet(s) becomes too large and cannot be supported by the UDP Protocol. The permanent fix seems to be what Microsoft stated, to switch to TCP. This is not attributed to a network issue or a limitation of our LAN... It appears to be a limitation of the UDP Protocol. This of course would lead to fragmentation of the UDP packet, Microsoft should have given a better explanation of their findings as to not conclude that this was being cause by an inherent network issue.

My question is: When I try and connect to the AD Server from some other siwtches in the network it seems fine. All switches have the same IOS and I know it can't be network related because its a flat network. Not sure wht I get long logins from some switches on the network and not others? No errors on the siwtches.

Other findings that may help: 

Labels:
0 Helpful
1 Reply 1

jimmy1829
Level 1
Level 1

‎07-27-2012 11:36 AM

We are experiencing the same issue.

Anyone has any clue?

Jimmy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card