Bug 1828354

Summary: After adding "additional dns hostname" to smb.conf it does not generate /etc/krb5.keytab with the proper SPN.
Product: Red Hat Enterprise Linux 7 Reporter: Prasad Kulkarni <pkulkarn>
Component: sambaAssignee: Isaac Boukris <iboukris>
Status: CLOSED ERRATA QA Contact: sssd-qe <sssd-qe>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.8CC: adzilsky, asakure, asn, dkarpele, ftrivino, gdeschner, iboukris, jarrpa, mpanaous
Target Milestone: rcKeywords: Reopened
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: samba-4.10.16-2.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1850980 (view as bug list) Environment:
Last Closed: 2020-09-29 20:19:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1850980    

Comment 8 Isaac Boukris 2020-05-16 12:01:15 UTC 
Per bug #1836427, it seems like having the keytab entries can be useful for some applications, such as sshd.
Comment 26 Andreas Schneider 2020-06-30 09:35:32 UTC 
I've created bug #1852370 for "net ads join dnshostname=FQDN"
Comment 27 Isaac Boukris 2020-07-01 16:40:39 UTC 
(In reply to Andreas Schneider from comment #26)
> I've created bug #1852370 for "net ads join dnshostname=FQDN"

As discussed we already have bug #1836427 for net-ads-join dnshostname=fqdn, which is integrated in 7.9 branch.

This for in this bug, for adding additional-dns-hostnames from smb.conf to keytab, currently only works with samba-dc but not with Windows DC.
I opened bug #1852812 to fix it against Windows DC in zstream branch if approved.
Comment 32 errata-xmlrpc 2020-09-29 20:19:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: samba security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:3981
Comment 33 Red Hat Bugzilla 2023-09-15 00:31:17 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days