question

ReccoppaMichael-2266 avatar image
0 Votes"
ReccoppaMichael-2266 asked ReccoppaMichael-2266 action

Connecting to Network share

Hello,

I'm sure I'm missing something very simple with this, but I was hoping to get pointed in the right direction. I recently had to rebuild my SCCM (Endpoing Config Manager) server and the build itself went as planned. I created a DNS alias in DNS for my SCCM server so when I create packages, it's easier to type out the alias than the whole server name network share. When I'm logged into my server and I try to connect to the network share using the alias, (\\alias), I get prompted for network credentials to the domain, which even when I put in, comes up incorrect credentials. However I can connect using the full network path, (\\servername). I had other people on their computers try and they can all connect to the alias, so it just happens from the server itself. And I can also connect to other servers DNS alias from my SCCM server with no issue...so I'm not really sure why the server can't connect to it's own DNS alias. On my old SCCM server, it worked fine and I don't think I did anything different. I'm running Windows Server 2016.

Any help anyone can give would be great!!!

Thanks

windows-server-2016windows-dhcp-dns
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

You could accept the useful reply as answer if you want to end this thread up.
If there is anything else we can do for you, please feel free to post in the forum.

0 Votes 0 ·

1 Answer

CandyLuo-MSFT avatar image
1 Vote"
CandyLuo-MSFT answered

Hi,

This phenomenon is related with SPN. Note: SMB Access requests using CNAMEs will not use Kerberos and are totally unsafe. This has evolved over the last operating system releases and CNAMEs are not to be used or trusted anymore. So, the recommendation is that Do not use CNAMEs anymore. If you want to still give 'alternate names' to servers, you can do so with the command NETDOM COMPUTERNAME /ADD , which will automatically register SPNs for the alternate names.

As picture below:

86656-image.png

86697-image.png

For more details, you can refer to the following article:

Using Computer Name Aliases in place of DNS CNAME Records

SMB file server share access is unsuccessful through DNS CNAME alias

Please try to mark the replies which help you. It will encourage the person who help you.
Appreciate your understanding. :)

Best Regards,
Candy


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



image.png (14.5 KiB)
image.png (154.8 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.