[Samba] Different spns for primary and secondary DCs
Ricardo Esteves
mvrk at sapo.pt
Thu May 11 21:21:35 UTC 2023
Hi,
I have 2 domain controllers with samba4, and i realized i have some
missing spns for the second domain controller:
> samba-tool spn list dc1$
dc1$
User CN=dc1,OU=Domain Controllers,DC=test,DC=pt has the following
servicePrincipalName:
HOST/dc1.test.pt
HOST/dc1.test.pt/test[1]
ldap/dc1.test.pt/test[1]
GC/dc1.test.pt/test.pt[2]
ldap/dc1.test.pt
HOST/dc1.test.pt/test.pt[2]
ldap/dc1.test.pt/test.pt[2]
HOST/dc1
E3514235-4B06-11D1-AB04-00C04FC2DCD2/ea763557-5bb4-4885-bf7b-239eb94f483a/test.pt
ldap/ea763557-5bb4-4885-bf7b-239eb94f483a._msdcs.test.pt
ldap/dc1
RestrictedKrbHost/dc1
RestrictedKrbHost/dc1.test.pt
> samba-tool spn list dc2$
dc2$
User CN=dc2,OU=Domain Controllers,DC=test,DC=pt has the following
servicePrincipalName:
HOST/dc2
HOST/dc2.test.pt
GC/dc2.test.pt/test.pt[3]
E3514235-4B06-11D1-AB04-00C04FC2DCD2/2a9b50c9-dc62-4201-b235-e72f3c36f0aa/test.pt
gc/dc2
gc/dc2.test.pt
e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc2
e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc2.test.pt
Is this normal? Or should i create the missing ldap and
RestrictedKrbHost spns for dc2?
Ligações:
---------
[1] http://dc1.test.pt/test
[2] http://dc1.test.pt/test.pt
[3] http://dc2.test.pt/test.pt
More information about the samba
mailing list