I am the domain admin and I am not registering my own SPN. From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Thursday, May 01, 2014 1:02 PM To: [email protected] Subject: Re: [mssms] OT: ADFS of a DC
http://www.phishthis.com/2009/12/30/how-to-give-a-user-account-rights-to-register-its-own-service-principal-name-spn/ Sent from Windows Mail From: Christopher Catlett<mailto:[email protected]> Sent: Thursday, May 1, 2014 1:56 PM To: [email protected]<mailto:[email protected]> you need a specific ad permission to register an SPN (unless you are a domain admin) Sent from Windows Mail From: [email protected]<mailto:[email protected]> Sent: Thursday, May 1, 2014 1:12 PM To: [email protected]<mailto:[email protected]> What should I do about the SPN? It won't let me register a SPN with the service account for some reason. Is that to be expected? Should I ever care? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of [email protected]<mailto:[email protected]> Sent: Thursday, May 01, 2014 9:47 AM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] OT: ADFS of a DC in a LAB, yes you can run ADFS on your DC. it will install and it will function. But, PLEASE don’t do that in prod. Sent from Windows Mail From: [email protected]<mailto:[email protected]> Sent: Thursday, May 1, 2014 9:39 AM To: [email protected]<mailto:[email protected]> Before anyone tells me that I am not supposed to run anything else on a domain controller… This is a SMALL LAB ENVIRONMENT and my resources are limited…. Is it, from a technical perspective, possible to add the ADFS role onto a domain controller? When I try to set the SPN I get a message "Duplicate SPN found, aborting operation!" Just for grins I also tried to set the SPN for my CM server and I get the same message. ________________________________ John Marcum MCITP, MCTS, MCSA Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ [H_Logo] ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.
