SPNΒΆ

SPN (Service Principal Name): Used to authenticate access by users to service accounts in the enterprise directory.

When the user needs a service account, it sends the SPN defined on itself to KDC (Key Ditribution Center). KDC sends the ticket created with this SPN password back to the user. Before this ticket is opened, it is sent to the computer from which the service is requested, and identity verification is made.

Note

In order for a service to authenticate, it must use SPN and that SPN must be added to the user attributes it uses to log in.

Note

KDC (Key Distribution Center) is a network service that provides login ticket and authentication for computers to users in a domain. KDC works on every domain controller.

SPN Users Tab

On the screen above, you can list, add or delete SPN records found on users.

SPN Computers Tab

On the screen above, you can list, add or delete SPN records found on computers.