we are required to have a .svc in our service accounts i.e
aduser.svc
the following spn command is failing
setspn -a SPNName/aduser.svc.domain.com aduser.svc
unknown parameter, please check your usage.
Any ideas on how to get around that?
Asked
Active
Viewed 817 times
1
1 Answers
0
What's the service class name in the SPN, is it HTTP? Using "SPNName" as shown is incorrect. An SPN name is the entire string "HTTP/aduser.svc.domain.com", not just the first part preceding the "/". Assuming the service name is HTTP, the correct example is shown below:
setspn -a HTTP/aduser.svc.domain.com aduser.svc
Also note, setspn -s is the preferred syntax, because it finds duplicates, rather than setspn -a which is the older usage and no longer recommended.
T-Heron
- 5,385
- 7
- 26
- 52