Loading

Kerberos Troubleshooting

adminMicrosoft, ,

Having intermittent problems with Kerberos working and failing try the following

Make the following registry updates/changes on your moss farm and associated servers which are using kerberos

Registry Key: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaKerberosParameters

  • Value: MaxPacketSize
  • DWORD Value: 1 (hex or dec)

More information: http://support.microsoft.com/kb/244474

Registry Key: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaKerberosParameters

  • DWORD Value Name: MaxTokenSize
  • Value: ffff (hex)

    • More information: http://support.microsoft.com/kb/327825

    Enabling Kerberos Event Logging on a Specific Computer

    1. Start Registry Editor.
    2. Add the following registry value:
      HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaKerberosParameters

      Registry Value: LogLevel
      Value Type: REG_DWORD
      Value Data: 0x1

      If the Parameters subkey does not exist, create it.

      Note Remove this registry value when it is no longer needed so that performance is not degraded on the computer. Also, you can remove this registry value to disable Kerberos event logging on a specific computer.

    3. Quit Registry Editor. The setting will become effective immediately on Windows Server 2008, on Windows Vista, on Windows Server 2003, and on Windows XP. For Windows 2000, you must restart the computer.

    More information: http://support.microsoft.com/kb/262177

    Leave a Reply

    Your email address will not be published. Required fields are marked *