Turning off hostname canonicalisation

Sam Hartman hartmans at MIT.EDU
Mon Sep 12 15:24:08 EDT 2005

>>>>> "Andrew" == Andrew Bartlett <abartlet at samba.org> writes:

    Andrew> On Fri, 2005-09-09 at 21:00 -0400, Jeffrey Altman wrote:
    >> Andrew Bartlett wrote:
    >> > How are MIT/Heimdal realms coping with windows clients, which
    >> I presume > don't do such fqdn resolution.  Is the concept of
    >> servicePrincipalName > spreading to cope, or are there just
    >> multiple principals and keytab > entries being created?
    >> Currently, large numbers of principal names and keytab entries
    >> are being created to deal with this issue.

    Andrew> Likewise, is there any move to at least allow case
    Andrew> insensitivity in principal names or keytab entries?  I
    Andrew> know the Samba patch to allow this (in the member server,
    Andrew> presumably for an AD KDC) is pretty ugly...

We're going to do whatever the Kerberos working group ends up doing.
I don't think anyone has proposed case insensitivity there although
there has been a proposal to ask the KDC for a list of names by which
the current service can be known.

