Set-MsolServicePrincipal和服务主体名称问题 [英] Set-MsolServicePrincipal and Service Principal Names Question
问题描述
我正在尝试使用本地SharePoint和SharePoint Online配置信任关系,以便可以使用ACS和低信任度应用程序.有关如何执行此操作的示例很多,但似乎都与我的SharePoint配置无关.我的房东 网站集使用与我的Web应用程序URL不同的URL结构.没有人使用完全限定的域名.
I am trying to configure a trust with my on-premise SharePoint and SharePoint Online so that I may make use of ACS and low-trust apps. There are many examples on how to do this, but none seem to correlate to my SharePoint configuration. My Host-named site collections use a different URL structure than my web application URL. None use fully qualified domain names.
我的设置类似于:
- 域: contoso.com
- 网络应用程序: https://abc (没有域名,也没有到达abc.contoso.com的AAM)
- 所有网站集的格式为:https://sharepoint/sites/sitename(无域名)
当我运行Set-MsolServicePrincipal时我的服务主体名称应采用以下格式:
When I run Set-MsolServicePrincipal should my Service Principal Name be in the format:
00000003-0000-0ff1-ce00-000000000000/abc.contoso.com 或者
00000003-0000-0ff1-ce00-000000000000/abc.contoso.com Or
00000003-0000-0ff1-ce00-000000000000/*.contoso.com 或者
00000003-0000-0ff1-ce00-000000000000/*.contoso.com Or
00000003-0000-0ff1-ce00-000000000000/abc
00000003-0000-0ff1-ce00-000000000000/abc
或者,我是否将Web应用程序上的AAM配置为abc.contoso.com和使用:
Or, do I configure AAM on my web application to abc.contoso.com and use:
00000003-0000-0ff1-ce00-000000000000/abc.contoso.com
00000003-0000-0ff1-ce00-000000000000/abc.contoso.com
推荐答案
Robert,您好,
Hi Robert,
据我所知,服务主体名称需要设置为"contoso.com".
Per my knowledge, the service principal name need to set as "contoso.com".
<实例名称>是您公司的公共DNS名称空间,与Web应用程序名称和网站集名称无关.
The <instance name> is your company’s public DNS namespace which not related to the web application name and site collections name.
使用通配符值可使SharePoint Online验证与该域中任何主机的连接.如果您需要更改外部终结点的主机名(如果您的拓扑包括一个主机名)或要更改SharePoint Server,这将非常有用. 未来的2013 Web应用程序.
Using a wildcard value lets SharePoint Online validate connections with any host in that domain. This is useful if you ever need to change the host name of the external endpoint (if your topology includes one) or if you want to change your SharePoint Server 2013 web application, in the future.
参考:
https://technet.microsoft.com/zh-cn/library/dn197169.aspx#配置本地SharePoint Server和SharePoint Online之间的服务器到服务器身份验证
https://technet.microsoft.com/en-us/library/dn197169.aspx#Configure server-to-server authentication between on-premises SharePoint Server and SharePoint Online
最诚挚的问候,
Grace Wang
Grace Wang
这篇关于Set-MsolServicePrincipal和服务主体名称问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
