Re: SPN (Service Principal Name)

Tech-Archive recommends: Fix windows errors by optimizing your registry



Hi,

Konkrete Verwendung -
z.B SQL:
http://technet.microsoft.com/en-us/library/ms191153(SQL.100).aspx
oder Configuration Manager:
http://technet.microsoft.com/en-us/library/bb735877(TechNet.10).aspx

"A service principal name (SPN) is the name by which a client uniquely
identifies an instance of a service. The Kerberos authentication service can
use an SPN to authenticate a service. When a client wants to connect to a
service, it locates an instance of the service, composes an SPN for that
instance, connects to the service, and presents the SPN for the service to
authenticate."


MfG
Jam


"Marcus Rath" <Marcus.Rath@xxxxxxxxxxxxx> wrote in message
news:OPRk5%236yIHA.4816@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

kann mir jemand erklären oder eine gute Quelle nennen wofür ich SPN's
benötige und
was diese genau machen. (genaue Funktionsweise)

Im Endefekt weiß ich nur, dass diese für eine Kerbereos Authentifizierung
an anderen Systemen
verwendet werden, aber weshalb, warum, wie ??????

Grüße
Marcus



.



Relevant Pages

  • Re: SPN (Service Principal Name)
    ... Konkrete Verwendung - ... oder Configuration Manager: ... "A service principal name (SPN) is the name by which a client uniquely ... The Kerberos authentication service ...
    (microsoft.public.de.german.win2000.sonstiges)
  • Re: Integrated Windows Authentication
    ... Registering an SPN isn't the issue here. ... The issue is that when Internet Explorer see an address http://IPaddress it does not attempt Kerberos authentication. ... Why can we access Server service using \\ipaddress without register SPN? ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 6 und Kerberos
    ... My kerberos authentication works. ... I had deleted the SPNs HOST/MOSSserver and ... HOST/MOSSserver.dom.de for the machine account MOSSserver. ... If no such SPN than the HOST is used. ...
    (microsoft.public.inetserver.iis.security)
  • adding another SPN to a domain controller does not stay added
    ... When I add a new SPN to a domain controller of the form 'ldap/oldhostname' due to a Java application requiring that old SPN to use Kerberos authentication, ADS will eventually remove that SPN which causes me to have to add it again before the Java application works. ...
    (microsoft.public.win2000.active_directory)