I can’t figure out where the same SPNs are, what needs to be removed, or how to remove it.
The problem is this. After migrating the ADFS server (converting a virtual machine from Hyper-V to VMware), the Active Directory Federation Service stopped running. It turns out that the old gMSA service account no longer works. If I start the service from my admin account, then the service starts. I decided to create another gMSA to run the ADFS service. But now the service is reporting a different error. I found in the Microsoft manual that you need to configure an SPN as well. I enter the command setspn -a host/ADFS01.corp.mnivea.com adfs2 and an error comes up: Duplicate SPN found, aborting operation! I don’t understand where the duplicates are and what needs to be removed.
PS C:\Windows\system32> setspn -a host/ADFS01.corp.mnivea.com adfs_srv2
Checking domain DC=corp,DC=mnivea,DC=com
CN=ADFS01,OU=Servers,DC=corp,DC=mnivea,DC=com
WSMAN/ADFS01.corp.mnivea.com
WSMAN/ADFS01
ldap/ADFS01.corp.mnivea.com
ldap/ADFS01.corp.mnivea.com:389
ldap/ADFS01
ldap/ADFS01:389
E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/ADFS01.corp.mnivea.com:389
E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/ADFS01:389
ldap/ADFS01.corp.mnivea.com:50000
ldap/ADFS01:50000
E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/ADFS01.corp.mnivea.com:50000
E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/ADFS01:50000
TERMSRV/ADFS01.corp.mnivea.com
TERMSRV/ADFS01
RestrictedKrbHost/ADFS01
HOST/ADFS01
RestrictedKrbHost/ADFS01.corp.mnivea.com
HOST/ADFS01.corp.mnivea.com
Duplicate SPN found, aborting operation!
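An added example, not part of the original post: in setspn's duplicate report, the distinguished-name line names the account that already holds the SPNs listed beneath it. The sketch below parses that text and reports which account owns the requested SPN. The function name `Find-SpnConflict` is hypothetical, and the sample input is abridged from the output above.

```powershell
# Added example: locate which AD object already holds an SPN, using the text
# setspn prints before "Duplicate SPN found, aborting operation!".
function Find-SpnConflict {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string[]] $SetspnOutput,
        [Parameter(Mandatory)] [string]   $RequestedSpn
    )
    $owner = $null
    foreach ($raw in $SetspnOutput) {
        $line = $raw.Trim()
        if ($line -match '^Duplicate SPN found') { break }
        if ($line -match '^CN=.+,DC=') {
            # A distinguished name starts the SPN list of one account.
            $owner = $line
            continue
        }
        # SPNs are compared case-insensitively, so host/... collides with HOST/...
        if ($owner -and $line -ieq $RequestedSpn) {
            [pscustomobject]@{ Owner = $owner; Spn = $line }
        }
    }
}

# Sample input: abridged from the output in the post above.
$sample = @(
    'Checking domain DC=corp,DC=mnivea,DC=com'
    'CN=ADFS01,OU=Servers,DC=corp,DC=mnivea,DC=com'
    'WSMAN/ADFS01.corp.mnivea.com'
    'TERMSRV/ADFS01'
    'HOST/ADFS01'
    'HOST/ADFS01.corp.mnivea.com'
    'Duplicate SPN found, aborting operation!'
)

Find-SpnConflict -SetspnOutput $sample -RequestedSpn 'host/ADFS01.corp.mnivea.com' |
    Format-List
```

For the sample, the result names `CN=ADFS01,OU=Servers,DC=corp,DC=mnivea,DC=com` as the owner of `HOST/ADFS01.corp.mnivea.com`. `setspn -Q host/ADFS01.corp.mnivea.com` asks the directory the same question directly.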