Announcement

Collapse
No announcement yet.

spn command failing on AD server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • spn command failing on AD server

    we are required to have a .svc in our service accounts i.e

    aduser.svc

    the following spn command is failing

    setspn -a SPNName/aduser.svc.domain.com aduser.svc

    unknown parameter, please check your usage.

    Any ideas on how to get around that?

  • #2
    The command assumes that the SPNName/xxx is the FQDN of the value you're entering. So that assumes 'aduser.svc.domain.com' represents an LDAP sequence of CN=aduser,OU=svc,DC=domain,DC=com. But you're using the .svc like a file name extension. I've never seen usernames/samAccountNames with extensions on them like that. You say you're required to have this--care to explain why? And that assumes you already have other service accounts with this already in place. Have you done inquiries on previous service accounts to see how they're listed?
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment

    Working...
    X