[Samba] Samba and CNAME

[Henry Jensen]

Hello,

On Sun, 22 Jul 2018 15:00:58 +0200
Henry Jensen via samba <samba at lists.samba.org> wrote:

> we successfully migrated from a Samba 3.x NT Domain to a Samba AD Domain
> using Samba 4.7.x.
> 
> However, there are still some issues and I hope for your help.
> 
> The biggest problem so far follows:
> 
> For historical reasons our Samba file servers carry a lot of aliases.
> Now that they have become AD Members I did set a lot of CNAMEs in the AD
> DNS (using the Windows DNS Tool). Most of the aliases do work, but not
> the CNAMEs which carry the name of server which did previuosly exit.
> 
> E.g. we used to have a server named smb6. I rsync'd the content to a
> new server named smb8, shut down the old server  and set a CNAME smb6
> pointing to smb8.
> 
> Using Windows 7 no problem to access the server with \\smb6.
> 
> Using Windows 10 I can't access it. \\smb8 and other CNAMEs do work.
> 
> Then I deleted the smb6 computer account in AD.
> 
> Then I found out, that I might have to add a Kerberos SPN, which
> I did using:
> 
>   samba-tool spn add HOST/smb6 smb8$
> 
> Still no luck accessing that server unter this specific CNAME unter
> Windows 10.
> 
> Any suggestions?


After two days it suddenly works. After adding the SPN I didn't change
anything. Of course I did execute "net cache flush" and friends after
setting  the SPN, but somehow it must have been cached elsewhere.

Kind regards, 

Henry