Why doesn't windows authentication work with host alias'?

Super User Asked by Andy Arismendi on January 3, 2022

Normally accessing a Windows share is accomplished using a UNC path e.g. \servershare where “server” is the real hostname of the Windows machine. \server.domain.comshare also works.

However access does not appear to work using host alias’. For example if you put this in the hostile:   server   server-alias

Both will be pingable, however share access fails using \server-aliasshare.

I’m aware SMB access uses NTLM authentication, I suppose kerberos in a domain environment. So I suspect NTLM might not support alias’ like this. Is this the case?

One Answer

As far as I know, NTLM got a set list of host-names it will authenticate with. When just creating an alias like that, without updating it on the "server side" the auth will fail.

I found two relating articles regarding a few windows flavors :-)

Link 1 - Regarding IIS

Link 2 - Regarding access on 2003 server

As it seems both need the server-side to be updated to work, I believe you're correct in assuming this is due to the nature of NTLM.

Answered by xstnc on January 3, 2022

Add your own answers!

Ask a Question

Get help from others!

© 2024 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP