Hello Community!
i noticed we have those events in eventlog on our w2k16 domain controller.
after reading about this topic now i´m confused why this w2k16 server is using a 12k limit and not the 48k default value for w2k16.
the value 'MaxTokenSize' under HKLM\SYSTEM\CurrentControlSet\Control\LSA\Kerberos\Parameters does not exist and therefore it should default to 48k right? why is server not doing this in my case?
default values:
Windows 2000 8,000 bytes
Windows 2000 SP2 12,000 bytes
Windows 2003 12,000 bytes
Windows XP 12,000 bytes
Windows Vista 12,000 bytes
Windows 7 12,000 bytes
Windows 2008 12,000 bytes
Windows 2008 R2 12,000 bytes
Windows 8 48,000 bytes
Windows 2012 48,000 bytes
Windows 8.1 48,000 bytes
Windows 2012 R2 48,000 bytes
Windows 2016 48,000 bytes
Furthermore we do not have a gpo for setting kerberos token size. we do not have a gpo for warning about those events too. thats the second thing i´m wondering. why do we get those
event 31 events if we do not have this set via gpo?