servicePrincipalName cifs
Andrew Bartlett
abartlet at samba.org
Mon Jul 21 07:58:58 GMT 2008
On Mon, 2008-07-21 at 11:49 +0400, Matthieu PATOU wrote:
> Andrew Bartlett a écrit :
> > On Mon, 2008-07-21 at 10:57 +0400, Matthieu PATOU wrote:
> >> Andrew Bartlett a écrit :
> >>> On Sun, 2008-07-20 at 23:11 +0400, Matthieu PATOU wrote:
> >>>> Dear all,
> >>>>
> >>>> On my Samba4 domain I always see a request when a user log in for service cifs/mydomain.tld at MYDOMAIN.
> >>>> I am wondering whether is it important or not.
> >>>> Can someone point me out the interest of this Service ?
> >>> As CIFS is the core file-sharing protocol the Samba supports (and over
> >>> which many other protocols are layered), it is very much expected for
> >>> the client to request a ticket to it.
> >> Because my setup is a bit old and I upgraded manually maybe there is something to add to the secrets.ldb ?
> >
> > No, the problem is that you have hosts connecting to mydomain.tld, not
> > host.mydomain.tld. If you want them to use mydomain.tld, then you need
> > to extend the servicePrincipalName attribute on that server, to include
> > host/mydomain.tld.
> The thing is that I do not recall doing anything like this. Of course I register the computer to mydomain.tld.
> The only thing that is trying to make an access to mydomain.tld is the login script set with the domain policy.
That could possibly being doing this.
> So if I get it well you recommend me to add a servicePrincipalName in users.ldb with the value:
>
> HOST/mydoamin.tld
Yes.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080721/ae50f07d/attachment.bin
More information about the samba-technical
mailing list