Re: Application Pools, Domain User Accounts and Service Principal Names
- From: Tom McDonnell <qirexrd_@xxxxxxxxxxxx>
- Date: Wed, 22 Feb 2006 08:22:44 +1100
My experience has been that to have an SPN that belongs to the domain service account that does not conflict with the SPNs already assigned to the machine account, you need a new DNS name and a new A record in DNS for that name. Then, if you give the machine account the SPN corresponding to the new DNS name, should be ok.
This is really out of my league, the documentation I have found is purely technical, and nothing you can learn from. Well, it's back to using .NET impersonation and recording static user credentials in the registry...
I feel your pain. :)
The problem is there is no way I can communicate this to Microsoft and say HOY! the documentation doesn't go nearly far enough, how 'bout improving it! I did sent them feedback for the article but I'm sure that will just go off into oblivion.
Thanks Joe.
.
- Follow-Ups:
- Re: Application Pools, Domain User Accounts and Service Principal Names
- From: Joe Kaplan \(MVP - ADSI\)
- Re: Application Pools, Domain User Accounts and Service Principal Names
- References:
- Application Pools, Domain User Accounts and Service Principal Names
- From: Tom McDonnell
- Re: Application Pools, Domain User Accounts and Service Principal Names
- From: Joe Kaplan \(MVP - ADSI\)
- Application Pools, Domain User Accounts and Service Principal Names
- Prev by Date: Custom RoleProvider + <allow roles> not working
- Next by Date: Re: Listing domain users
- Previous by thread: Re: Application Pools, Domain User Accounts and Service Principal Names
- Next by thread: Re: Application Pools, Domain User Accounts and Service Principal Names
- Index(es):
Relevant Pages
|
|
