SPN stands for Service Principal Name – used (among others) by Kerberos.
Normally, you work with them via the Setspn tool.
e.g.
setspn –l <account name>
which lists all spns assigned to that account.
However, you can also do this by:
Start – Administrative Tools – Active Directory Users and Computers – View – Advanced Features
Then navigate to the account via the tree. Right click – Properties – Attribute Editor tab. Then scroll down to servicePrincipalName and double-click.
You can add and remove SPN’s from this window as well. (i.e. the equivalent of setspn –a … or setspn –d …).
Enjoy!
No comments:
Post a Comment