Terry
Do you need to trust the computer account for delegation?
From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of T C
Sent: Monday, April 03, 2006 5:19 PM
To: Active Directory Discussions
Subject: [ActiveDir] Creating a service instance account in AD
Hi,
I am working on bringing a Unix service under AD. To do this I need to map a service
principal name (SPN) to an AD account. The MS document specifies using a user
account for this, and I have tested with this and it works. However, I am also
trying to use a computer account for this. Everything seems to work except the
ticket cannot be decrypted. So I am curious if computer accounts can be used
for this purpose. It seems quite straightforward, but it just didn't work.
Thanks,
Terry
