[Samba] Orphan SPN

Andrew Bartlett abartlet at samba.org
Wed Nov 24 22:49:30 UTC 2021


On Wed, 2021-11-24 at 22:40 +0000, Rowland Penny via samba wrote:
> On Thu, 2021-11-25 at 01:34 +0300, Oljas Kuzembaev via samba wrote:
> > On 25.11.2021 1:22, Andrew Bartlett via samba wrote:
> > > Look for host/omu.su
> > > 
> > > There is an attribute sPNMappings that controls the mapping
> > > between
> > > host and the services it implicitly aliases, so the cifs/ entry
> > > (and
> > > http/ along with many others) don't need to be listed explicitly
> > > on
> > > every service.
> > 
> > Thats it!
> > 
> > CN=Directory Service,CN=Windows
> > NT,CN=Services,CN=Configuration,DC=oml,DC=su
> > 
> > sPNMappings was modified with addition of "cifs", which was giving
> > me 
> > trouble.
> > 
> > Thank you so much!
> 
> You learn something new every day, but it still doesn't explain why I
> do not actually get a keytab.
> 
> Just to get my head around this, does this mean that you do not have
> to
> add an SPN such 'cifs/samdom.example.com' if
> 'host/samdom.example.com'
> exists ?

Exactly.

Andrew Bartlett
> 
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions








More information about the samba mailing list