HowTo export all AD service principal names (SPNs) to textfile
27. Februar 2011
Hinterlasse einen Kommentar
If you need to troubleshoot kerberos problems with SharePoint, Reporting Services… you need an overview of all defined HTTP SPNs in Active Directory.
You can use the the following command in a dos-box to quickly output all SPNs to a textfile with the windows tool “LDIFDE.EXE”:
ldifde.exe -f check_spn.txt -t 3268 –d “” -l serviceprincipalname -r “(servicePrincipalName=HTTP*)” -p subtree
Here’s a sample output:
If ldifde.exe i not installed on your server:
Windows 2008
–> Add Remote AD Management Tools (RSAT-ADDS) Feature with Servermanager or:
- Click Start, Run, and in the Open field run ‘ServerManagerCmd -i RSAT-ADDS‘
Windows 2003 –> Install Support Tools from windows server CD or download:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=96a35011-fd83-419d-939b-9a772ea2df90&displaylang=en
Kategorien:Allgemein
Kerberos, SharePoint, Troubleshooting
