[Samba] Response too big for UDP, retry with TCP

Martin Zielinski mz at seh.de
Wed Jul 11 11:47:44 GMT 2007


What does kinit say, if you have the
e.g. "kdc = tcp/192.168.1.1" line in your krb.conf?

I'm using the same (0.6.3) heimdal version that does not have a tcp 
fallback. But could not get kinit to using UDP with this line in the 
krb5.conf.

~ Martin


Nejc Škoberne schrieb:
> Hi again,
> 
>> You could either use an administrative account which is not a member 
>> of so many groups (causing the "packet too big" error), or use a more 
>> recent version of samba.
>> In any version <= 3.0.22 the tcp fallback is not implemented during 
>> the kpasswd request. The krb5.conf kdc line is not taken into account 
>> at this place.
> 
> I upgraded Samba to 3.0.25a and tried again with the user, who has 
> administrator
> privileges but is not in so many groups. I get a bit different message, 
> but it
> is still a no go:
> 
> root at Bonaparte:~# net ads join -U domainadmin%idsrmap978
> [2007/07/11 11:36:34, 0] libads/kerberos.c:ads_kinit_password(227)
>   kerberos_kinit_password domainadmin at INFRAX.LOCAL failed: Response too 
> big for UDP, retry with TCP
> Failed to join domain: NT_STATUS_PROTOCOL_UNREACHABLE
> 
> Any ideas?
> 
> Thanks,
> Nejc
> 

-- 
Martin Zielinski             mz at seh.de
Software Development
SEH Computertechnik GmbH     www.seh.de



More information about the samba mailing list