We separate our systems in different stages through different DNS subdomains, e.g.: - applicationtestsystem1.prod.example.com - applicationtestsystem1.test.example.com - applicationtestsystem1.dev.example.com All the systems are joined to one central Active Directory via "net ads join". But even if the name would be shorter than 15 characters, this would result in the same AD computer-object name, as the netbios name is used for that name and that's by default the first portion of the FQDN. We worked around this by setting "netbios name" in smb.conf to some unique identifier thats completely unrelated to the hostname or FQDN. This led to the effect already described here 9 years ago: https://lists.samba.org/archive/samba/2006-November/126696.html Our Systems now have unique computer-object names in AD, but the DNS name is incorrectly set to that name as well. Likewise are the entries in the kerberos keytab, thus making using kerberos for single sign on impossible. IMHO it should be possible to use a netbios name but get correct DNS names in the created AD computer-objects as well as correct kerberos SPN entries.