[Samba] Samba and CNAME
Andrew Bartlett
abartlet at samba.org
Tue Jul 24 08:59:37 UTC 2018
On Tue, 2018-07-24 at 10:56 +0200, L.P.H. van Belle via samba wrote:
> And you dont need to add extra SPN's for aliases that is if you DNS setup is correct.
> Just remember, every server must have an A and PTR record, save you a lot of problems.
> And best is to point your CNAME to FQDN.
This only applies to some MIT clients. Windows does not follow the
(untrustworthy, cryptographically) PTR record to find the real host
name, it relies on the extra SPNs being on the record.
That is why the SPNs were invented.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list