Check out this Microsoft KB article.

If you are seeing Kerberos errors in your event log (add LogLevel DWORD value 1 in the same place to enable logging) this is your fix.

If you are seeing Error Code: 0×34 KRB_ERR_RESPONSE_TOO_BIG this is your fix too.

I was seeing this error mostly on my Sharepoint and OCS servers.

I made an enterprise wide group policy to set this using PolicyMaker.  PolicyMaker is great except it does not appear to work on x64 boxes.  Those I had to do manually.

This should also allow Kerberos to work over a VPN connection now too!

• Blocking AOL Instant Messenger at the Router Level (Cisco IOS)
• MSExchange ActiveSync Heartbeat Intervals
• New GPO for Screen Saver Lock aka Where did LOGON.SCR go?
• Fix RDP Client 6.0
• Convert VMWare to Virtual Server/PC (VHD)