[Samba] I want to use CNAMES for my SAMBA server, how?
Gerald (Jerry) Carter
jerry at samba.org
Mon Jul 10 20:00:51 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mann, Roy (RGMR) wrote:
> I have a RedHat Enterprise 3 server running SAMBA 3.0.10. The server
> has been joined to the Active Directory forest using its fully qualified
> domain name.
> Windows clients can successfully map drives using that fully qualified
> name, However, services have a tendency to be moved or need failover
> during maintenance
> so I would prefer to tell customers to use a service alias like
> smbserver3.rest.ofthe.domain.com. When clients use that alias, I can
> see attempts at kerberos
> authentication in the logs on the SAMBA server using the canonical FQDN
> so Windows is getting the right address, talking to the right smbd, but
> authentication fails.
If you are using CNAMES, add the appropriate servicePrincipalName
to the machine's object in AD. Something like adsiedit works well.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFEsrHzIR7qMdg1EfYRAl4NAKDxB/r8GerHgzpW9G/APn0OAv2kFgCbBimt
IFUv3coZwRA8eL0NVKSRRxE=
=a3I8
-----END PGP SIGNATURE-----
More information about the samba
mailing list