How can I view SPNs for a server?

John Savill

May 21, 2007

1 Min Read
ITPro Today logo in a gray background | ITPro Today

 

A. To view SPNs (Service Principal Names) registered for a security principal, you can use the Setspn command from the Windows 2003 Support Tools, using the -l parameter and the name of the server. The following example shows the SPNs for a Microsoft Exchange Server system.

C:>setspn -l dalsxc01
Registered ServicePrincipalNames for
CN=DALSXC01,OU=Servers,DC=savilltech,DC=net:
MSSQLSvc/dalsxc01.savilltech.net
exchangeMDB/dalsxc01.savilltech.net
exchangeMDB/DALSXC01
exchangeRFR/dalsxc01.savilltech.net
exchangeRFR/DALSXC01
SMTPSVC/DALSXC01
SMTPSVC/dalsxc01.savilltech.net
NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/dalsxc01.savilltech.net
DNS/dalsxc01.savilltech.net
HOST/dalsxc01.savilltech.net/
HOST/DALSXC01
HOST/dalsxc01.savilltech.net
HOST/dalsxc01.savilltech.net/savilltech.net

The format of an SPN should be "service type"/"instance name":"port"/"service name." If the service name and type are the same, you can leave the service name off the end--for example, "service type"/"instance name":"port." If the port is the default for the service type, it can be left off, too--for example, "service type"/"instance name."

About the Author

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like