CIFS SPN Missing

0

My domain does not have a SPN for CIFS/mydomain.com. My DC is throwing ErrorCode: KDC_ERR_S_PRINCIPAL_UNKNOWN. There are a number of windows workstations on the domain that are trying to use this SPN.

setspn -a cifs/corp.com.au corp.com.au FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0x00000525 Unable to locate account corp.com.au

What problems would this cause? Should this SPN be there by default?

windows
active-directory
kerberos
asked on Server Fault Aug 13, 2012 by Ablue • edited Aug 31, 2015 by Ablue

1 Answer

1

I was unaware such and SPN existed... so I checked... My domain has no such SPN, and I'm not having the problem you described either


C:>setspn -L mydomain.com
FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0x00000525
Could not find account mydomain.com
The command you posted attempts to ADD a new SPN. But with only the domain name, you are not providing an account name to add the SPN to. Perhaps you could tell us more about the error on the workstations. What is the full text of the error? what event number is it?

answered on Server Fault Aug 13, 2012 by Clayton

User contributions licensed under CC BY-SA 3.0