Red Hat Bugzilla – Bug 622802
krb5 does not resolve
Last modified: 2014-06-18 03:40:28 EDT
Description of problem:
If a dfs root is given in form of:
a dns lookup should be done, followed by spn ticket retrieval on the fastest of the determined addresses.
Atm it simply does not work as cifs/mydomain@... is not a valid spn.
(In reply to comment #0)
> Description of problem:
> If a dfs root is given in form of:
> a dns lookup should be done, followed by spn ticket retrieval on the fastest of
> the determined addresses.
Actually no, that shouldn't be done, at least not by default. What should happen is that the DFS referral should contain a valid hostname that can be used as a SPN.
If you want to trust DNS in the way you suggest, you can use the '-t' flag with cifs.upcall. See the cifs.upcall manpage for more info.
I'm going to go ahead and close this as NOTABUG. Please reopen if I've misunderstood the problem or you have further questions.
Created attachment 437876 [details]
debug log as requested
192.168..50.100 is a sanitizing bug and should say 192.168.50.100