This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links

Version management

Difference between version and

At line 1 added 36 lines
!!! Overview
Typically [SPN] entries are generated by the service automatically. Occasionally you may need to manually [{$pagename}].
To register the [SPN] manually, the administrator must use the [Setspn.exe] tool that is provided with the Microsoft Windows Server Support Tools.
Setspn.exe is a command line tool that enables you to read, modify, and delete the Service Principal Names (SPN) directory property. This tool also enables you to view the current SPNs, reset the account's default SPNs, and add or delete supplemental [SPNs].
!! Be Careful Constructing [SPN]
Whenever registering SPN’s you have to carefully construct it:
* what service is it for
* which name will be used to access it
* what port is it running at.
For most services this is straightforward, but Internet Explorer as a web browsing client complicates this. IE6, IE7 and IE8 still ignore the port entered in the address bar. They even ignore the name if it is a CNAME record.
Make sure to use ping or nslookup whenever troubleshooting your [SPN]’s. It will show you how and if the name you registered the service under is reachable.
!! Using [Setspn.exe]
The following example illustrates the syntax used to register manually register an SPN for a TCP/IP connection:
{{{
setspn -A MSSQLSvc/myhost.redmond.microsoft.com:1433 accountname
}}}
Note If an SPN already exists, it must be deleted before it can be reregistered. You do this by using the [Setspn.exe] command together with the -D switch. The following examples illustrate how to manually register a new instance-based SPN. For a default instance, use:
{{{
setspn -A MSSQLSvc/myhost.redmond.microsoft.com accountname
}}}
For a named instance, use:
{{{
setspn -A MSSQLSvc/myhost.redmond.microsoft.com:instancename accountname
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]