Directory Services |
The DsServerRegisterSpn function composes two SPNs for a host-based service. The names are based on the DNS and NetBIOS names of the local computer. The function modifies the servicePrincipalName attribute of either a specified account or of the account associated with the calling thread. The function either registers or unregisters the SPNs.
A host-based service is a service instance that provides services identified with its host computer, as distinguished from a replicable service where clients have no preference which host computer a service instance runs on.
DWORD DsServerRegisterSpn( DS_SPN_WRITE_OP Operation, LPCTSTR ServiceClass, LPCTSTR UserObjectDN );
Value | Meaning |
---|---|
DS_SPN_ADD_SPN_OP | Adds the SPNs to the user or computer account. |
DS_SPN_DELETE_SPN_OP | Deletes the specified SPNs from the pszAccount account. |
DS_SPN_REPLACE_SPN_OP | Removes all SPNs currently registered on the user or computer account and replaces them with the new SPNs. |
If the function successfully registers one or more SPNs, it returns ERROR_SUCCESS. Modification is performed permissively, so that adding a value that already exists does not return an error.
the two SPNs composed by the DsServerRegisterSpn function have the following format:
ServiceClass/host
In one SPN, the host computer is the fully qualified DNS name of the local computer. In the other SPN, the host component is the NetBIOS name of the local computer.
In most cases, the DsServerRegisterSpn caller must have domain administrator privileges to successfully modify the servicePrincipalName attribute of an account object. The exception to this rule is if the calling thread is running under the LocalSystem account, DsServerRegisterSpn is allowed if the UserObjectDN parameter is either NULL or specifies the distinguished name of the local computer account.
Client: Included in Windows XP and
Windows 2000 Professional.
Server: Included in Windows Server 2003 and
Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension
on Windows NT 4.0 SP6a and Windows 95/98/Me.
Unicode: Implemented as Unicode and ANSI versions on Windows
NT/2000/XP.
Header: Declared in Ntdsapi.h.
Library: Use Ntdsapi.lib.
DsGetSpn, DsWriteAccountSpn, Domain Controller and Replication Management Functions