The Oid used to create the service principal name for the target host is incorrect.
This causes the incorrect determination of the realm when the host dns name does not match the realm name.
Description:
Suppose you have two realms EXAMPLE.COM and COMPANY.COM with a trust estabilished between them, and host named "my.example.com" that belongs to the domain COMPANY.COM, with this krb5.conf:
The Oid used to create the service principal name for the target host is incorrect. This causes the incorrect determination of the realm when the host dns name does not match the realm name.
Description: Suppose you have two realms EXAMPLE.COM and COMPANY.COM with a trust estabilished between them, and host named "my.example.com" that belongs to the domain COMPANY.COM, with this krb5.conf:
Currently, the SPN generated is incorrect as
host/my.example.com@EXAMPLE.COM, where it should behost/my.example.com@COMPANY.COMinstead.