Logging on to a domain with Shared Networking (NAT) may take a long time in Virtual PC 2004 Service Pack 1 (889510)
The information in this article applies to:
- Microsoft Virtual PC 2004 Service Pack 1
SYMPTOMSWhen you try to log on to a domain from a virtual computer
that is running in Microsoft Virtual PC 2004 Service Pack 1 (SP1), the logon process
may take a long time to finish.CAUSEThis problem occurs when the virtual computer uses Microsoft
Windows XP or Microsoft Windows 2000 as the guest operating system, and uses Shared Networking to connect to
the network domain. Shared Networking does not easily handle fragmented UDP packets that are created
by Kerberos authentication. Typically, the Windows XP and the Windows 2000
implementations of Kerberos create messages that are too large to fit in a
single UDP packet. Note The Networking setting in Virtual PC uses the term "Shared Networking (NAT)," where "NAT" indicates Network Address Translation. WORKAROUNDTo work around this problem, you must force Kerberos
in the guest operating system to use TCP instead of UDP for authentication.
For additional information
about how to force Kerberos to use TCP instead of UDP, click the following article number to view the article in the Microsoft Knowledge Base:
244474
How
to force Kerberos to use TCP instead of UDP
STATUSMicrosoft
has confirmed that this is a problem in the Microsoft products that are listed
in the "Applies to" section.
Modification Type: | Major | Last Reviewed: | 11/23/2004 |
---|
Keywords: | kbKerberos kblogin kbtshoot kbprb KB889510 kbAudEndUser kbAudITPRO |
---|
|