get-spn syntax

Rising Flight 3,751 Reputation points
2020-09-08T10:56:19.163+00:00

Hi all

i have created spn entries using the below syntax. is there any syntax like get-spn to validate if i have added correct entries rather than checking from AD attribute editor of the service account

setspn -s HTTPS/server01.contoso.com svc_serviceaccount

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,470 questions
Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,379 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,173 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,899 questions
Windows Server Infrastructure
Windows Server Infrastructure
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Infrastructure: A Microsoft solution area focused on providing organizations with a cloud solution that supports their real-world needs and meets evolving regulatory requirements.
515 questions
0 comments
Accepted answer
  1. Vicky Wang 2,646 Reputation points
    2020-09-09T09:13:36.253+00:00

    HI,
    Thank you for posting in our forum. If you want to delete the following entries from powershell, you can post on the powershell forum, they can give you more professional help
    reference:https://social.technet.microsoft.com/Forums/Windows/en-US/home?forum=winserverpowershell
    Hope this information can help you
    Best wishes
    Vicky

    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rising Flight 3,751 Reputation points
    2020-09-08T11:56:16.25+00:00

    the below syntax worked for me
    Get-ADUser -identity svc_serviceaccount -properties ServicePrincipalNames |Select-Object -ExpandProperty ServicePrincipalNames

    when i execute the above syntax i am getting the below output and now i want to remove the below entries from powershell how do i remove

    HTTPS/server02.contos.com
    HTTPS/server03.contos.com

    0 comments
  2. Thameur-BOURBITA 32,586 Reputation points
    2020-09-09T21:44:55.263+00:00

    Hi,

    If you want check and validate if the SPN has been added correctly you can use the folllowing command: 

    setspn -F -Q Http/ServerName.domain.com

#or

setspn -L svcserviceaccount

    For your information , there is no get-spn command and regarding the SPN , you have to use HTTP instead of HTTPS in SPN even for web server using SSL protocol.

    Please don't forget to mark this reply as answer if it help you to fix your issue

    0 comments
  3. Vicky Wang 2,646 Reputation points
    2020-09-14T07:37:47.81+00:00

    Hi,
     
    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
     
    Best Regards,
    Vicky

    0 comments