Active Directory Servers Show As Unresponsive within Virtual Desktop Infrastructure Administrative Interface due to UDP Limitations
Last updated on DECEMBER 01, 2017
Applies to:Oracle Virtual Desktop Infrastructure - Version 3.5.2 and later
Information in this document applies to any platform.
A domain in VDI configured to authenticate against Active Directory with Kerberos security may begin to display a status of "Unresponsive" within the VDI administration web interface, while other VDI servers show the domain as "OK". This condition may deteriorate over time and without any remedial actions taken, more VDI servers will show the company as unresponsive and fewer will show it as "OK".
Once in this state, rebooting VDI servers that previously reported AD domains as "OK" will result in their seeing the domain as unresponsive when VDI services are restarted.
Additional symptoms of this scenario include:
- Log files show entries like this: error Message is Response too big for UDP, retry with TCP
- Bad UDP packets can be seen using tools like tcpdump or wireshark.
- kinit and klist command continue to work.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms