Error A: 0x34 - KRB_ERR_RESPONSE_TOO_BIG: Response too big for UDP (Token Error).
This is observed in both same domain and cross domain KCD configurations.
If the kerberos token retrieved from the KDC of the Domain Controller is too large, you will receive this error. It can be confirmed in the Wireshark trace.
1. Start regedit on the SEG server.
2. Browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\ Kerberos\Parameters.
3. Create a Dword called MaxPacketSize.
4. Change the value of the Dword to 1.
The images below display how to change it within the registry.