Changing FQDN for authing via Kerberos

Spyro Polymiadis spiz at
Wed Feb 3 14:42:27 CST 2010

Hi all, 

Long time no post... I have a question which hopefully someone may know the answer....
I have run up a new squid box, using kerb auth against AD following the guide here: and everything is working just fine

The problem I seem to have is, using this method - the browser is required to use the FQDN of the proxy as set when setting up kerb.
As this was built on my test, when I set the hostname and FQDN - they were "servername" 

Now I want to try and change the hostname it uses to just "servername" and put it on our live network, Ive tried changing hostnames/dns names/host entries even re-running the mskutil command (as shown in the link above) and replacing the entries to just "servername" and generating a new keytab...However none of these seem to work when I change the proxy setting in the browser to the new hostname and try to browse.
It just keeps barfing saying not authenticated and the krb logs show an error 230 (which doesn't really help)

If I change all the dns/hostnames/browser settings back to "servername" - its all happy again... and working...

Does anyone have any idea how I may go about changing the hostname so it will still auth for clients?


This message was scanned by ESVA and is believed to be clean. 

More information about the linuxsa mailing list