Web lists-archives.com

Re: [Samba] [Curiosity] 'netbios aliases' works in AD mode?




On Tue, 19 Dec 2017 13:44:32 +0100
Marco Gaiarin via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Mandi! Rowland Penny via samba
>   In chel di` si favelave...
> 
> > OK, NT4-style domains use netbios to find computers.
> >     AD domains use dns
> 
> Ok, this is clear.
> 
> 
> > So, my advice would be to use CNAME records in AD.
> > What Andrew said was correct, but netbios is on the way out, it
> > relies on SMB1 and the latest Win10 has this turned off by default.
> 
> Ok, trying to sumarize: if i need a server alias:
> 
> a) for older clients (netbios/SMB1), i have to add 'netbios aliases'
>  *AND* define SPN

If you are using network browsing, you are using SMB1 (this is a BAD
idea) and you will not be using kerberos, so you will not require the
SPN.

> 
> b) for newer clients (AD/smb>1), i have to set a CNAME.

Possibly

> 
> 
> So, if i need both (for compatibility reason), i have to do both.
> Right?

I actually think you need to update the clients to use a different
authentication method, you will probably find you don't need either
'netbios aliases' or 'CNAMEs'

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba