>> Anyone else have horrific issues with this update??

For some years we have been relying on using DNS CNAMEs to find our servers.
It seems this is effectively the bug that has just been fixed.

In simple terms, it seems that you must have a service principal name (SPN) 
that matches the name of the file server the user requested.  Effectively the 
server needs to be registered under all the names it could be called.

(This is similar to the way  https  requests expect a certificate with the 
name you actually asked for.)

If my server is registered as  file.server.domain  but I request:
    //samba.server.domain/share
then that machine has to have a certificate for that name: an SPN

Previously it was good enough for the DNS to find the correct IP address.

    Shane
-- 
Shane Voss, Computing Officer, School of GeoSciences, University of Edinburgh

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.