Hi.. I'm running CentOS 7 with the default gssproxy setup.  However, instead of the standard Kerberos server, I'm using Samba AD. On every CentOS 7 system joined to the domain and mounting NFS, my logs are constantly showing errors like: Nov 12 08:32:51 j1 gssproxy[853]: (OID: { 1 2 840 113554 1 2 2 }) Unspecified GSS failure.  Minor code may provide more information, Client 'host/j1.ad.eecs.yorku.ca(a)AD.EECS.YORKU.CA' not found in Kerberos database When I move many systems to the domain, there will be hundreds of these errors.  I'd like to resolve the issue that is causing the errors. j1 (a test host) is actually j1.eecs.yorku.ca which is joined to the realm AD.EECS.YORKU.CA. j1.eecs.yorku.ca does a forward lookup to an IP.  The reverse lookup of that IP goes back to j1.eecs.yorku.ca. j1.ad.eecs.yorku.ca doesn't even exist in DNS.  However, when J1 is joined to the domain (using net ads join), entries for j1.ad.eecs.yorku.ca are added to the keytab.  I also add entries for host/j1.eecs.yorku.ca. The following works: j1# kinit -k -t /etc/krb5.keytab -S 'host/j1.ad.eecs.yorku.ca(a)AD.EECS.YORKU.CA' 'J1$' j1# klist Ticket cache: FILE:/tmp/krb5cc_1004_aGasjVy28U Default principal: J1$(a)AD.EECS.YORKU.CA Valid starting       Expires              Service principal 11/12/2020 08:41:41  11/12/2020 18:41:41 host/j1.ad.eecs.yorku.ca(a)AD.EECS.YORKU.CA     renew until 11/19/2020 08:41:41 That's from the same system where gssproxy reports that host/j1.ad.eecs.yorku.ca(a)AD.EECS.YORKU.CA is not found in Kerberos database. Obviously, the errors are harmless because NFS mounting works, and everything else works, but the logs would be a lot quieter if I could figure out how to stop these errors. Any thoughts? Jason.