Scheduled Service Change: Adding firewall rule to prod KDCs for TCP
Authentication requests will be handled by the backup KDC. Change/reset password and netid creation will not work during the time when the primary KDC service is being restarted.\n\nThe above outage will occur only during the application restart which takes less than 3 secs.
There is no workaround for this issue
To support netprint on the new Lion OS, we need the KDC to listen on TCP. Enabling TCP support on the KDC requires 2 changes:\n\n1) The host based firewall rules have to be changed by Systems.\n2) The application configuration has to be changed to support TCP which requires a restart of the app. This takes less than 3 secs.