Installation and Maintenance
Special DNS configurations (CNAMES)
The following table gives hints about UPNs, SPNs, DNS-Names and entries for two configuration variants for Apache web services:
- service-fqdn of service is canonical name
- service-fqdn of service is an alias that points to another canonical name
Variation | A-record in DNS | CNAME record in DNS | Comment |
REALM | DNS Name of realm, | DNS Name of realm, | |
site name (Apache site) | fqdn of service | fqdn of service | |
samba name (smb.conf) | first part of fqdn | first part of canonical fqdn | |
User Principal name (UPN) | HTTP/service-fqdn@REALM | HTTP/canonical-fqdn@REALM | used for kinit-tests |
Service Principal name (SPN) | HTTP/service-fqdn@REALM | HTTP/canonical-fqdn@REALM | automatically set |
KrbServiceName (Apache site) | HTTP | HTTP/canonical-fqdn@REALM | |
keytab entry used (and needed) | HTTP/service-fqdn@REALM | HTTP/canonical-fqdn@REALM |