Is there a username length limit for Kerberos hash, with VPN3005 and AD?

Unanswered Question
May 1st, 2008

I have a 3005 VPN Concentrator, and hav e noticed a recurring pattern with a number of users. I am using Windows 2003 R2 Active Director for authentication.

If they happen to have a user name that is unusually long (i.e. more than 12 characters) the Cisco 4.8 VPN client will refuse to allow them to authenticate to the VPN Concentrator, until I enable the "Do not require Kerberos preauthentication" switch on their account, at which point they authenticate fine.

Am I hitting some sort of Kerberos hash length limitation, with users with unusually long login names?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion