[linux-cifs-client] Re: [PATCH] Add support for using server
supplied principal (mic option)
Love Hörnquist Åstrand
lha at kth.se
Mon Aug 25 12:31:35 GMT 2008
>
> A correct configuration would use many CNAMEs all pointing to 1 A
> NAME,
> the one used to join AD.
> I would stick to a secure behavior and disable fetching a ticket using
> the MIC information by default.
Use "setspn -a host/alias computername" to add the aliases to the SPNs
and it doesn't matter what name the client uses.
The gssapi library does dns canon, its wrong, but there is no good way
to stop doing since that breaks stuff :(
Love
More information about the linux-cifs-client
mailing list