You have a fancy name for Windows File Server and you thought, why not use a fancier name for the File Server. You went to the DNS and created a cname record, let say rgnfileserver.alivebits.com.
And tried to connect to the File Server with new cname \rgnfileserver.alivebits.com from the server itself. You would receive the following
There are no issues accessing the fileshare with new name over the network. The reason of such an behaviour can be found Microsoft KB https://support.microsoft.com/en-us/kb/896861
Here is an excerpt from the above KB
Loopback check is a security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.
We need to implement the following registry keys and set SPN.
- In Registry Editor, locate and then click the following registry key:
- HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaMSV1_0. If the registry Key doesn’t exist, create a new one.
- Right-click MSV1_0, point to New, and then click Multi-String Value.
- Type BackConnectionHostNames, and then press ENTER.
- Right-click BackConnectionHostNames, and then click Modify.
- In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
Now, start an elevated cmd prompt and set the SPN
Setspn -S HOST/CNAME ServerName
Setspn -S HOST/CNAME.domain.com ServerName
Restart the netlogon service.
In case, the server is being used as Print Server, you would also need to implement the following registry key.
reg add HKLMSYSTEMCurrentControlSetControlPrint /v DnsOnWire /t REG_DWORD /d 1
you should be able to access your file server remotely using a fancier name \rgnfileshares.alivebits.com locally on the server.
Thanks to Martin Binder for providing pointers leading to resolution.
Hope this helps !