Hi Ronak,
I looked at the note and i think i am a little confused, it mentions that cluster name in identifying the SPN's which were done. So i have two nodes (Server1,Server2) in a cluster
and i have the following Spns for my service account that are created:
HTTP/Server1
HTTP/Server1.DOMAIN.INTERNAL
HTTP/Server2
HTTP/Server2.DOMAIN.INTERNAL
BICMS/Service Account.DOMAIN,INTERNAL
i think the sap note states how to delete the multiple SPN's but my questions was more on the line of how to identify if we have multple SPN's first. So is there a command to check for multiple SPN's ?
I ran "setspn -l serviceaccount" and it gave me the list of SPN's listed above "
HTTP/Server1
HTTP/Server1.DOMAIN.INTERNAL
HTTP/Server2
HTTP/Server2.DOMAIN.INTERNAL
BICMS/Service Account.DOMAIN,INTERNAL
But when i ran the "setspn -l machinename{Server 2}
It actually showed me the following:
WSMAN/Server2.DOMAIN.INTERNAL
WSMAN/Server2
TERMSRV/Server2.DOMAIN.INTERNAL
TERMSRV/Server2
RestrictedKrbHost/Server2
RestrictedKrbHost/Server2.DOMAIN.INTERNAL
HOST/Server2
HOST/Server2.DOMAIN.INTERNAL
Is this how we check duplicate SPN's? is it suppose to be by local system name or service account name because server name is Server 1 and Server 2 but Service account name used is same for both. Plus none of the SPN's by machine/server name resembles the Service account SPN's created
Please provide your feedback