Comment 7 for bug 539791

Investigating the problem further, I thought the problem might have been that resolving the DFS referral returned a NetBIOS machine name, not a FQDN, for the server hosting the service (ie, WARTHOGS-ADC instead of warthogs-adc.warthogs.biz). After looking around, I followed the advice in Microsoft KB #244380 to make it so that Windows would return FQDN when resolving DFS referral, but it still would not work.

Discussing the problem further with colleagues, it seems like cifs.upcall does do any DFS referral resolution, hence why mount.cifs fails to mount a DFS referral *just* when using Kerberos for authentication. I was pointed at the following linux-cifs-client mailing list thread explaining the situation:

    http://old.nabble.com/Handling-Kerberos-principals-that-don%27t-match-hostnames-td27055470.html

In lucid, I tried adding -t to the cifs.spnego entry in /etc/request-key.conf, and it work indeed! \o/ Unfortunately, this option to cifs.upcall is not available in the version we ship in karmic, so this is a lucid-only workaround.

However, i understand this is just working around the problem, which is that cifs.upcall do not support resolving DFS referral.

Is this correct, or am I wrong somewhere?