[RFC/PATCH] cifs.upcall: use kernel.provided principal name if available

Martin Wilck martin.wilck at ts.fujitsu.com
Mon Sep 12 03:01:58 MDT 2011

> For the record, I'm not 100% opposed to adding something like this as a
> workaround. What would probably be better would be a way for someone to
> specify the SPN in the mount options. The kernel could then pass that
> to the upcall and we wouldn't need to trust this string from the
> server. Admins would of course need to know what SPN to put in there
> however. Something like:
>     -o spn=cifs/otherhostname.example.com

Sounds good. In our AD environment, an admin can do

ldapsearch "(cn=$COMPUTERNAME)" serviceprincipalname

to get the supported principal name(s).


Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering

Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone:			++49 5251 525 2796
Fax:			++49 5251 525 2820
Email:			martin.wilck at ts.fujitsu.com
Internet:		http://ts.fujitsu.com
Company Details:	http://ts.fujitsu.com/imprint

More information about the samba-technical mailing list