Bug 11620 - different netbios and dns name
Summary: different netbios and dns name
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 4.1.12
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
Depends on:
Reported: 2015-11-26 13:33 UTC by frank
Modified: 2015-12-01 09:37 UTC (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description frank 2015-11-26 13:33:42 UTC
We separate our systems in different stages through different DNS subdomains, e.g.:
- applicationtestsystem1.prod.example.com
- applicationtestsystem1.test.example.com
- applicationtestsystem1.dev.example.com

All the systems are joined to one central Active Directory via "net ads join". But even if the name would be shorter than 15 characters, this would result in the same AD computer-object name, as the netbios name is used for that name and that's by default the first portion of the FQDN.
We worked around this by setting "netbios name" in smb.conf to some unique identifier thats completely unrelated to the hostname or FQDN. This led to the effect already described here 9 years ago: https://lists.samba.org/archive/samba/2006-November/126696.html

Our Systems now have unique computer-object names in AD, but the DNS name is incorrectly set to that name as well. Likewise are the entries in the kerberos keytab, thus making using kerberos for single sign on impossible.

IMHO it should be possible to use a netbios name but get correct DNS names in the created AD computer-objects as well as correct kerberos SPN entries.