servicePrincipalName cifs

Andrew Bartlett abartlet at
Mon Jul 21 07:58:58 GMT 2008

On Mon, 2008-07-21 at 11:49 +0400, Matthieu PATOU wrote:
> Andrew Bartlett a écrit :
> > On Mon, 2008-07-21 at 10:57 +0400, Matthieu PATOU wrote:
> >> Andrew Bartlett a écrit :
> >>> On Sun, 2008-07-20 at 23:11 +0400, Matthieu PATOU wrote:
> >>>> Dear all,
> >>>>
> >>>> On my Samba4 domain I always see a request when a user log in for service cifs/mydomain.tld at MYDOMAIN.
> >>>> I am wondering whether is it important or not.
> >>>> Can someone point me out the interest of this Service ?
> >>> As CIFS is the core file-sharing protocol the Samba supports (and over
> >>> which many other protocols are layered), it is very much expected for
> >>> the client to request a ticket to it. 
> >> Because my setup is a bit old and I upgraded manually maybe there is something to add to the secrets.ldb ?
> > 
> > No, the problem is that you have hosts connecting to mydomain.tld, not
> > host.mydomain.tld.  If you want them to use mydomain.tld, then you need
> > to extend the servicePrincipalName attribute on that server, to include
> > host/mydomain.tld.
> The thing is that I do not recall doing anything like this. Of course I register the computer to mydomain.tld.
> The only thing that is trying to make an access to mydomain.tld is the login script set with the domain policy.

That could possibly being doing this.  

> So if I get it well you recommend me to add a servicePrincipalName in users.ldb with the value:
> HOST/mydoamin.tld


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list