Re: [Samba] [Curiosity] 'netbios aliases' works in AD mode?
- Date: Thu, 7 Dec 2017 10:48:52 +0100
- From: Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] [Curiosity] 'netbios aliases' works in AD mode?
Mandi! Andrew Bartlett via samba
In chel di` si favelave...
> > This lead me to another question: in this way, aliases are ''domain
> > wide'' right? Eg, i cannot have a DM aliased 'file' in a LAN and
> > another DM aliased 'file' in another LAN, as was used before with NT
> > like domains (two different domains).
> Correct, you can't use the different netbios namespaces to do that.
> Not that real NT4 allowed different netbios namespaces either, but all
> sorts of games were possible (I've done that myself back in the day
> with Samba).
Good to know. Thanks.
> You can't even use DNS search paths on the clients and then fully
> qualfied aliases as the client will ask for a ticket for exactly the
> name stated, not the FQDN as this avoids in-secure DNS being an attack
Mmmhhh... i try to do an example.
Supposing we have 'vdmsv1.ad.fvg.lnf.it' aliased with 'file.sv.lnf.it'
in LAN 1, and 'vdmpp1.ad.fvg.lnf.it' aliased with 'file.pp.lnf.it' in
If client in LAN 1 have 'sv.lnf.it' in search path, and in LAN 2
'pp.lnf.it', i cannot alias 'file' on both because the ticket get asked
for 'vdmsv1.ad.fvg.lnf.it' and 'vdmpp1.ad.fvg.lnf.it'. Right?
> I hope this clarifies things,
Sure, but... really i don't found many examples about 'spn add' and so
i'm still on doubt. This is right?
> > Supposing to have a DM like 'vdmsv1.ad.fvg.lnf.it', and i need to
> > create an alias 'file', i need to add 'file' to 'netbios aliases' and
> > also do something like:
> > samba-tool spn add host/vdmsv1.ad.fvg.lnf.it file.ad.fvg.lnf.it
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
To unsubscribe from this list go to the following URL and read the