|
What happens if SPNs are not EVER set? |
|
Subject: What happens if SPNs are not EVER set?
Author: Alex_Raj
In response to: What happens if SPNs are not correctly set?
Posted on: 05/30/2006 08:30:02 PM
Chances are your service is a well-known service, like HTTP, TIME, and you need not to specifically register your service. Otherwise, KDC_ERR_C_PRINCIPAL_UNKNOWN or a KDC_ERR_S_PRINCIPAL_UNKNOWN error.
>
> On 05/30/2006 08:23:52 PM Alex_Raj wrote:
Service Principal Names (SPNs) are unique identifiers for services running on servers. Every service that will use Kerberos authentication needs to have an SPN set for it so that clients can identify the service on the network. If an SPN is not set for a service, then clients will have no way of locating that service. Without properly set SPNs, Kerberos authentication is not possible.
If an SPN has not been correctly set and a client attempts to obtain a service ticket, a common result is a KDC_ERR_C_PRINCIPAL_UNKNOWN or a KDC_ERR_S_PRINCIPAL_UNKNOWN error. Furthermore, there are many other errors for which the cause might be a missing or an incorrectly set SPN.
References:
|
|
|
|