Increase Maximum Kerberos Token Size

The kerberos SSPI package generated an output token of size 12750 bytes, which was too large to fit in the token buffer of size 12000 bytes, provided by process id 4.

The output SSPI token being too large is probably the result of the user willdrie901@INTRA.*.*.* being a member of a large number of groups.

It is recommended to minimize the number of groups a user belongs to. If the problem can not be corrected by reduction of the group memberships of this user, please contact your system administrator to increase the maximum token size, which in term is configured machine-wide via the following registry value: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize.

How to fix this …


HKEY_LOCAL_MACHINE\ SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters

create New DWORD: “MaxTokenSize” with decimal value “48000”

reboot your machine






One response to “Increase Maximum Kerberos Token Size”

  1. Robin Avatar

    Thank you, this solved our issue.

Leave a Reply

Your email address will not be published. Required fields are marked *