Re: Got SPN?

Service Publication and Service Principal Names:
http://technet2.microsoft.com/WindowsServer/en/library/96725ab2-02a8-4c7e-8e0e-d298ec304e3b1033.mspx

--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
www.exchangepedia.com/blog
----------------------------------------------


"mcRon" <mcron@xxxxxxxxxxxxxx> wrote in message
news:AD0C0FBC-C756-44FE-B903-26AC32A70B37@xxxxxxxxxxxxxxxx
Thanks for your post. I have already changed the FQDN on the VS to
reflect
the external FQDN of the server (mx1.mydomain.com). I believe that this
is
what is causing the EXBPA to report the warning. I would like to
understand
what an SPN is and specifically how to resolve the warning:

To correct the problem would I just add the value
"SMTPSVC/mx1.mydomain.com"
using AdsiEdit?
Do I need to remove the SMTPSVC/ex1.corp.mydomain.com value?

Why do I need an SPN?

Thanks again,

McR


"chace zhang" wrote:

Hi,

Thank you for posting here.

From your post, my understanding on this issue is: You encountered a
warning in EXBPA Report about "Missing FQDN in 'Default SMTP Virtual
Server' service principal name".

Based on my experience, if your internal domain name is different from
external domain name, the FQDN name of SMTP Virtual Server will be
internal
name. If your Exchange Server is using internal domain name to send mail,
the outgoing mail may not be delivered to remote domain with Non-Delivery
Report which indicates a error for ex1.corp.mydomain.com without MX or A
record or Authentication failure. In this case, we can follow the steps
below to manually change it as Internet domain name.

1. Start Exchange System Manager.

2. Expand "Servers", expand "<Server Name>", expand "Protocols", and then
expand "SMTP".

3. Right-click the SMTP virtual server where you want to apply the
filter,
and then click "Properties".

4. In Delivery tab, in "Fully-qualified domain name" box, change the
internal FQDN name into external FQDN name. Please don't click "Check
DNS"
here.

5. Click OK twice to save the setting. And then restart SMTP Virtual
Server.


Hope this helps, if anything unclear or you need additional assistance.
Please feel free to let me know. Have a nice day!


Best Regards,

Chace Zhang (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on Exchange technical issues. If you have
issues regarding other Microsoft products, you'd better post in the
corresponding newsgroups so that they can be resolved in an efficient and
timely manner. You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check
the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In
doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.

=====================================================

This posting is provided "AS IS" with no warranties, and confers no
rights.


--------------------
| From: "Bharat Suneja [MVP]" <bharatsuneja@xxxxxxxxxxx>
| References: <1F498A28-CB4A-42A3-90F1-2AA8251365A7@xxxxxxxxxxxxx>
| Subject: Re: Got SPN?
| Date: Tue, 21 Nov 2006 14:43:53 -0800
| Lines: 51
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#rhtG6bDHHA.3212@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.exchange.connectivity
| NNTP-Posting-Host: 64-169-85-157.ded.pacbell.net 64.169.85.157
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.exchange.connectivity:109158
| X-Tomcat-NG: microsoft.public.exchange.connectivity
|
| You can use the SetSPN.exe tool to register the Service Principal Name
of
| your SMTP virtual server (if it is different than the fqdn of that
Exchange
| server).
|
| Look at method 1 in this KBA:
| http://support.microsoft.com/?kbid=914137
|
| --
| Bharat Suneja
| MVP - Exchange
| www.zenprise.com
| NEW blog location:
| www.exchangepedia.com/blog
| ----------------------------------------------
|
|
| "mcRon" <mcron@xxxxxxxxxxxxxx> wrote in message
| news:1F498A28-CB4A-42A3-90F1-2AA8251365A7@xxxxxxxxxxxxxxxx
| > My Exchange server 2003 hostname is ex1.corp.mydomain.com. To
conceal
our
| > internal namespace, our Internet DNS contains an MX record that
points
to
| > the
| > host mx1.mydomain.com and the A record for mx1 points to the IP
address
of
| > my
| > Exchange server. I have a single SMTP virtual server (Default SMTP
| > Virtual
| > Server). On the Properties ***, Delivery tab, Advanced button
dialog, I
| > have configured the FQDN to reflect the name known on the Internet:
| > mx1.mydomain.com.
| >
| > When I run the EXBPA, it reports a "Missing FQDN in service principal
| > name".
| > The details indicate that EXBPA is expecting to find
| > "SMTPSVC/mx1.mydomain.com" in the servicePrincipalName.
| >
| > When I use AdsiEdit to examine the servicePrincipalName attribute on
the
| > server's computer account, I see SMTPSVC/ex1.corp.mydomain.com
listed.
| >
| > I understand that EXBPA wants me to add an SPN value but I don't
really
| > understand what an SPN is. Can someone point me in the right
direction
to
| > understand this?
| >
| > To correct the problem would I just add the value
| > "SMTPSVC/mx1.mydomain.com"
| > using AdsiEdit? Do I need to remove the
SMTPSVC/ex1.corp.mydomain.com
| > value?
| >
| > Thanks in advance,
| >
| > McR
|
|
|




.