Show Contents / Index / Search

KDC Tab (Realm Properties Dialog Box)

Getting there

From this tab, you can add or remove a KDC (Key Distribution Center), and rearrange the order of KDCs for the selected realm. You can also define an administrative KDC for the realm and specify UDP or TCP for communications.

The options include the following:

KDC list

Displays the current list of KDCs. The order of hosts in the KDC list determines the order in which the KDCs attempt to service an authentication request. If the first KDC in the list fails to service a request, the next KDC makes an attempt, and so on.

Use the Up and Down buttons to change the order of the list.

Kadmin server

Specifies the administrative KDC or master for this realm. You must specify a master KDC to change passwords.

Use Windows logon credentials

When selected, Reflection uses your Windows credentials to supply Kerberos identification and authentication.

This option is available only if you're logged on to a Windows domain and your system is configured to support this feature.

Use Leash32 cache

When selected, the Reflection Kerberos client uses your Leash32 credentials cache to obtain service tickets. If you authenticate to the KDC through Leash32, you don't need to reenter your Kerberos passwords.

This option is available only if you installed Leash32 on your system.

Maximum UDP packet size

Specifies the maximum packet size for UDP communications with the KDC. The Reflection Kerberos client uses UDP as the default protocol for communications unless the packet size exceeds the value specified, in which case, it uses TCP. Set the value to zero to use only TCP.

Decrease this value if you have trouble authenticating to a Windows KDC and you belong to a large number of groups, or if Use Windows logon credentials is selected.

Related Topics

Configure a Realm to Use Windows Logon Credentials

Configure a Realm to Use Leash32 Credentials