See Service Principal Names in your domain

Posted on by

To see all the service principal names registered in your domain, execute the following command:

ldifde -f <FileName> -s <DomainController> -t 3268 -d dc=forest,dc=root -r
"(objectclass=computer)" -l servicePrincipalname

this will return all computerobjects with an SPN and place it in the file <filename>. For all users execute the following:

ldifde -f <FileName> -s <DomainController> -t 3268 -d dc=forest,dc=root -r
"(objectclass=user)" -l servicePrincipalname

In this command replace forest with your NetBIOS domain name (i.e. marcvalk), root with your top level domain (i.e. net)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>