This parameter determines whether or not smbclient 8 and other samba components acting as a client will attempt to use the server-supplied principal sometimes given in the SPNEGO exchange. If enabled, Samba can attempt to use Kerberos to contact servers known only by IP address. Kerberos relies on names, so ordinarily cannot function in this situation. This is a VERY BAD IDEA for security reasons, and so this parameter SHOULD NOT BE USED. It will be removed in a future version of Samba. If disabled, Samba will use the name used to look up the server when asking the KDC for a ticket. This avoids situations where a server may impersonate another, soliciting authentication as one principal while being known on the network as another. Note that Windows XP SP2 and later versions already follow this behaviour, and Windows Vista and later servers no longer supply this 'rfc4178 hint' principal on the server side. This parameter is deprecated in Samba 4.2.1 and will be removed (along with the functionality) in a later release of Samba. no