Applies to: Centrify DirectControl on all platforms.
A server is present with a DNS name of abc.yourcompany.com, what are the consequences of adding it to the domain as xyz.yourcompany.com?
This is not recommended but it is possible.
When the user logs in, the client machine knows the target as abc, it will then request the Domain Controller server for a service ticket for abc. The service ticket for abc must exist somewhere in AD for it to respond to this request.
If the machine (abc) is joined as (xyz), then only credentials for xyz are created.
The correct procedure is to join abc as abc, but then add an alias for xyz (use the "-a" option to specify an alias in the adjoin command) so that both services for abc and xyz can be found.
Both hostname and alias name can be encrypted with the same password that the target machine can then decrypt and verify.