kinit: KRB5 error code 52 while getting initial credentials
All,
I'm getting the following error on a Solaris 8 machine:
kinit: KRB5 error code 52 while getting initial credentials
So far my analysis shows this error to indicate the following:
0x34 - KRB_ERR_RESPONSE_TOO_BIG - Too much data
According to a number of forums, some inheriant limitations exist with the Solaris 8 version of Kerberos concerning the number of group memberships a user may have. In my Active Directory, each user is a member of possibly many groups. To confirm this, I created a simple user with only membership to "Domain Users" and was able to run kinit without issue.
Also, I seen a number of forums reporting that the native version of Kerberos in Solaris 8 does not support TCP. Apparently by default, once the package size of a Kerberos ticket reaches a specified max, TCP should be used.
I have the following Kerberos packages loaded:
SUNWk5pk kernel Kerberos V5 plug-in w/auth+privacy (32-bit)
SUNWk5pkx kernel Kerberos V5 plug-in w/auth+privacy (64-bit)
SUNWk5pu user Kerberos V5 gss mechanism w/auth+privacy (32-bit)
SUNWk5pux user Kerberos V5 gss mechanism w/auth+privacy (64-bit)
Are updated packages for Kerberos available for Solaris 8 environments that can handle support for Kerberos over TCP and having a large number of group memberships?