|
Petra does not automatically register SPNs with AD. Instead, Petra uses the SPN listed in the edbsrvr.INI file's Active Directory SPN line. This line can be set up where so that the EDBSrvr service is set to log on as either a:
- Local system The edbsrvr.INI setting should simply be set to host/computer_name, where computer_name is the name of the computer running the Petra Database Server. This SPN is registered by default for any AD computer and there is no need to register it manually.
- Specific user account The SPN is registered for the specified specific user account. By default, AD does not register any SPN's for User Accounts. IHS recommends registering the SPN the following way: PetraKrbHost/user_name, where user_name is the user the SPN is registered to and is the same user as the EDBSrvr service is using.
Registering an SPN
Please see MSDN documentation for complete information on registering and setting up an SPN at the following URL:
Below is a list of command line switches for viewing, registering, and deleting SPN's on your domain.
The following commands are run from the command prompt using an account with AD Admin access
|
Command Switch
|
Action
|
|
setspn L UserName
|
lists all SPN's registered to a given User
|
|
setspn L ComputerName
|
lists all SPN's registered to a given Computer
|
|
setspn S PetraKrbHost/UserName UserName
|
Adds the SPN PetraKrbHost/UserName to the given User after verifying no duplicates exist
|
|
setspn D PetraKrbHost/UserName UserName
|
deletes the SPN PetraKrbHost/UserName from the given User
|
|