[RFC/PATCH] cifs.upcall: use kernel.provided principal name if available
Martin Wilck
martin.wilck at ts.fujitsu.com
Mon Sep 12 03:01:58 MDT 2011
> For the record, I'm not 100% opposed to adding something like this as a
> workaround. What would probably be better would be a way for someone to
> specify the SPN in the mount options. The kernel could then pass that
> to the upcall and we wouldn't need to trust this string from the
> server. Admins would of course need to know what SPN to put in there
> however. Something like:
>
> -o spn=cifs/otherhostname.example.com
Sounds good. In our AD environment, an admin can do
ldapsearch "(cn=$COMPUTERNAME)" serviceprincipalname
to get the supported principal name(s).
Martin
--
Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering
FUJITSU
Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone: ++49 5251 525 2796
Fax: ++49 5251 525 2820
Email: martin.wilck at ts.fujitsu.com
Internet: http://ts.fujitsu.com
Company Details: http://ts.fujitsu.com/imprint
More information about the samba-technical
mailing list