[Samba] Failed to modify SPNs
Henry Jensen
hjensen at mailbox.org
Tue Aug 7 07:52:24 UTC 2018
Hello,
I've got some log entries like these on our DCs:
Failed to modify SPNs on CN=db1,CN=Computers,DC=mydom,DC=lan: acl: spn validation failed for spn[TERMSRV/DB1.MYDOM] uac[0x1000] account[db1$]
hostname[(null)] nbname[mydom] ntds[(null)] forest[mydom.lan] domain[mydom.lan]
At first I thought it was about missing SPN entries, but adding these did not resolve the problem:
# samba-tool spn list db1$
db1$
User CN=db1,CN=Computers,DC=mydom,DC=lan has the following servicePrincipalName:
TERMSRV/db1
TERMSRV/db1.mydom
TERMSRV/db1.mydom.lan
Samba is 4.7.8 and one DC with 4.8.3.
Any ideas?
KInd Regards,
Henry
More information about the samba
mailing list