AD FS 2.0安装SPN注册警告,但出现错误:此联合身份验证服务所需的SPN已在另一个Active Directory帐户上设置。选择其他联合身份验证服务名称,然后重试。 [英] AD FS 2.0 Installation SPN registration warning with error: The SPN required for this Federation Service is already set on another Active Directory account. Choose a different Federation Service name and try again.
问题描述
您好,
我没有太多关于AD FS 2.0的经验,但我需要为开发团队设置一个。我尝试使用WIF文档。
I don't have much hands on experience with AD FS 2.0 but i need to set one up for a dev team. I tried to use the WIF documentation.
我有一个新安装的成员服务器,serverA(hyper-V上的VM),我在其上安装AD FS 2.0
I've got a newly installed member server, serverA (a VM on hyper-V) on which I install AD FS 2.0
为此目的,我有一个帐户DOMAIN\adfsservice
For this purpose I have an account DOMAIN\adfsservice
除了以下警告外,所有似乎都很顺利:
All seems to go very well except for the following warning:
- -------------------------
AD FS 2.0 Federation Server配置向导
---------------------------
错误发生d尝试为指定的服务帐户设置SPN。手动设置服务帐户的SPN。
有关手动设置服务帐户的SPN的详细信息,请参阅"AD FS 2.0部署指南"。
错误消息:此联合身份验证服务所需的SPN已设置为另一个Active Directory帐户。 选择不同的
联邦服务名称,然后重试。
---------------- -----------
确定
-------------------------- -
我确实可以看到已经注册到serverA对象的host / serverA.domain.com 手动注册会导致信任错误,直到您清除它为止。有些帖子声称您需要在DNS中添加另一个A记录并注册(请参阅社区
备注 http://64.4.11.252/en-us/library/dd807078(WS.10)的.aspx )。有人说你需要一个HTTP / SPN,而MS明确表示你需要主持人/ (参见
http://social.technet.microsoft.com/wiki/contents/articles/ad-fs-2-0-how-to-configure-the-spn- serviceprincipalname-for-service-account.aspx )
I can indeed see host/serverA.domain.com that is allready registerd to the serverA object. Registering manuallly leads to trust errors until you clear it. Some post claim you need to put another A records in DNS and register that (see community remarks below http://64.4.11.252/en-us/library/dd807078(WS.10).aspx). Some say you need an HTTP/ SPN and than MS states clearly that you need Host/ (see http://social.technet.microsoft.com/wiki/contents/articles/ad-fs-2-0-how-to-configure-the-spn-serviceprincipalname-for-the-service-account.aspx)
我在这里有点困惑。我是否忽略了警告?我是否从serverA中删除主机并将其添加到adfsservice帐户?请问我使用HTTP /
I'm a bit confused here. Do I ignore the warning? Do I remove host from serverA and add it to adfsservice account? Do I use HTTP/
推荐答案
我遇到了同样的问题。 你能解决这个问题吗?
I'm having the same problem. Were you able to resolve this?
这篇关于AD FS 2.0安装SPN注册警告,但出现错误:此联合身份验证服务所需的SPN已在另一个Active Directory帐户上设置。选择其他联合身份验证服务名称,然后重试。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!