Query/Change SPNs on Windows Domain without SetSPN


Problem description

Has anyone had any luck with querying/changing SPNs on a Windows domain? Most of the hits on Google are SQL related: I can't find any information on how to do this myself. The most important things would be to query the SPN configuration and check for duplicates.

According to Arnout I made the following code:

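    using System;
    using System.DirectoryServices;
    using System.DirectoryServices.ActiveDirectory;

    class Program
    {
        static void Main(string[] args)
        {
            ValidateSPN("K2Server/jonathand-vpc:5252");
        }

        // Throws unless exactly one object in the current domain carries the given SPN.
        static void ValidateSPN(string spn)
        {
            // Note: spn goes into the LDAP filter unescaped; escape (, ), *, \ and NUL
            // per RFC 4515 before passing input you do not control.
            const string queryFormat = "(ServicePrincipalName={0})";

            using (Domain localDomain = Domain.GetCurrentDomain())
            using (DirectoryEntry root = localDomain.GetDirectoryEntry())
            using (DirectorySearcher search = new DirectorySearcher(root))
            {
                search.Filter = string.Format(queryFormat, spn);
                search.SearchScope = SearchScope.Subtree;

                // SearchResultCollection holds unmanaged resources, so dispose it.
                using (SearchResultCollection collection = search.FindAll())
                {
                    if (collection.Count > 1)
                        throw new Exception("Duplicate SPNs found.");
                    else if (collection.Count == 0)
                        throw new Exception("No such SPN");
                }
            }
        }
    }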

Solution

It looks like this information is stored in the servicePrincipalName AD attribute. See this page for more info, in particular the "Search using LDIFDE" section.
