[24430] in Kerberos
Confused about SPNs
daemon@ATHENA.MIT.EDU (damore44@hotmail.com)
Tue Aug 9 15:23:53 2005
From: <damore44@hotmail.com>
Date: Tue, 9 Aug 2005 07:53:34 -0400
Message-ID: <11fh6a2262gglc1@corp.supernews.com>
To: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
Hello, I'm new to troubleshooting Kerberos and a little confused about the
SPN's and hopefully someone could clear things up for me. I am running in a
Windows 2000 environment using three servers, SQL server, web server (IIS
5.0) and a Terminal Server. I am using a web application going from the TS
server to the Web server, and then to the database server.
On the SQL and TS servers I am getting the following error"0x7 -
KDC_ERR_S_Principal_UNKNOWN : Server not found in Kerberos Database" both
servers are using local system accounts for IIS and SQL, so the default
SPN's are on the server. When I do a "setspn -L computer name" should I
only see information about the local server (local SPN's)? Or should the
SPN's be pointing to a DC? I read a lot of information about the SPN's but
I guess I am still confused of how this all work. Do I need to set IIS and
SQL with a Domain account for the services?
I appreciate any help or clarification
Thanks,
Dave Vitko
david_vitko@hotmail.com
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos