| diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c |
| index 5fde091..990111d 100644 |
| --- a/utils/gssd/krb5_util.c |
| +++ b/utils/gssd/krb5_util.c |
| @@ -801,8 +801,10 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, |
| char *default_realm = NULL; |
| char *realm; |
| char *k5err = NULL; |
| - int tried_all = 0, tried_default = 0; |
| + int tried_all = 0, tried_default = 0, tried_upper = 0; |
| krb5_principal princ; |
| + const char *notsetstr = "not set"; |
| + char *adhostoverride; |
| |
| |
| /* Get full target hostname */ |
| @@ -820,13 +822,23 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, |
| } |
| |
| /* Compute the active directory machine name HOST$ */ |
| - strcpy(myhostad, myhostname); |
| - for (i = 0; myhostad[i] != 0; ++i) { |
| - if (myhostad[i] == '.') break; |
| - myhostad[i] = toupper(myhostad[i]); |
| + krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name", |
| + notsetstr, &adhostoverride); |
| + if (strcmp(adhostoverride, notsetstr) != 0) { |
| + printerr (1, |
| + "AD host string overridden with \"%s\" from appdefaults\n", |
| + adhostoverride); |
| + /* No overflow: Windows cannot handle strings longer than 19 chars */ |
| + strcpy(myhostad, adhostoverride); |
| + free(adhostoverride); |
| + } else { |
| + strcpy(myhostad, myhostname); |
| + for (i = 0; myhostad[i] != 0; ++i) { |
| + if (myhostad[i] == '.') break; |
| + } |
| + myhostad[i] = '$'; |
| + myhostad[i+1] = 0; |
| } |
| - myhostad[i] = '$'; |
| - myhostad[i+1] = 0; |
| |
| retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); |
| if (retval) { |
| @@ -923,6 +935,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, |
| k5err = gssd_k5_err_msg(context, code); |
| printerr(3, "%s while getting keytab entry for '%s'\n", |
| k5err, spn); |
| + /* |
| + * We tried the active directory machine account |
| + * with the hostname part as-is and failed... |
| + * convert it to uppercase and try again before |
| + * moving on to the svcname |
| + */ |
| + if (strcmp(svcnames[j],"$") == 0 && !tried_upper) { |
| + for (i = 0; myhostad[i] != '$'; ++i) { |
| + myhostad[i] = toupper(myhostad[i]); |
| + } |
| + j--; |
| + tried_upper = 1; |
| + } |
| } else { |
| printerr(3, "Success getting keytab entry for '%s'\n",spn); |
| retval = 0; |