On 2021-09-08 at 14:18-0400 Todd Mote <mo...@austin.utexas.edu> wrote:
> The $ at the end of the host name is for AD. <short hostname>$ is
> the actual name of the account in AD. The Kerberos utilities are
> just asking the KDC to renew tickets for accounts. Computer
> accounts in AD happen to have a $ appended to them under the covers.
> They are obfuscated from most human views. Msktutil may be
> appending the $ under its covers, you'd have to examine the source
> to know
From the msktutil man page:
--computer-name <name>
Specifies that the new account should use <name> for the
computer account name and the SAM Account Name. Note that a
'$' will be automatically appended to the SAM Account Name.
Defaults to the machine's hostname, excluding the realm, with
dots replaced with dashes.
That is: if the realm is EXAMPLE.COM, and the hostname is
FOO.EXAMPLE.COM, the default computer name is FOO. If the
hostname is FOO.BAR.EXAMPLE.COM, the default computer name is
FOO-BAR.
--account-name <name>
An alias for --computer-name that can be used when operating
on service accounts. Note that a '$' will not be
automatically appended to the SAM Account Name when using
service accounts.
We love msktutil (including its magnificent man page); it is our
preferred mechanism for joining hosts to AD.
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
