Perhaps I should note that I was only moving file shares and no Kerberized services.
On Mon, Jul 26, 2010 at 4:08 PM, Richard Stovall <[email protected]> wrote: > What OS? I had to do this about a year ago on a 2003 Server and I did not > have to use the setspn tool that I recall. I did have to create a string > value at HKLM\System\CurrentControlSet\Services\lanmanserver\parameters > called OptionalNames, and put the secondary names there (each on its own > line). > > On Mon, Jul 26, 2010 at 3:31 PM, Phillip Partipilo <[email protected]> wrote: > >> I'm decommissioning some servers, and to ease the transition, since we >> have some old code that is hardcoded with old server names, I'm going >> through the motions of setting up CNAME DNS records to point any queries to >> the old server to the new server, set up the key in >> HKLM\System\CurrentControlSet\Services\lanmanserver for >> DisableStrictNameChecking to 0x1, set up the key in >> HKLM\System\CurrentControlSet\Control\Lsa for DisableLoopBackCheck to 0x1, >> and then finally used the setspn tool to add SPNs to the new replacement >> server so it will happily accept and authenticate clients that are asking >> for resources and generating Kerberos tickets for the old server name. >> >> Problem is that the setspn additions aren't holding as persistent... Every >> so often they just disappear... During this transition I don't want to make >> this really ugly by having a scheduled task to run a batch file every minute >> to add these SPNs, so is there a way to force these entries as persistent? >> >> I know this is a severe hack but I'm trying to make my job easy with this >> transition, I'm stretched pretty thin these days :-( >> >> >> >> Phillip Partipilo >> Parametric Solutions Inc. >> Jupiter, Florida >> (561) 747-6107 >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
