[EMAIL PROTECTED] wrote: > How can I list all the servers that I have mapped with the Ktpass > command? > > We are using Kerberos for SSO from our Middle Tier application that we > develop. To make this work I must map the middle Tier's servername > with an account in the domain. Here's a sample ktpass command that I > use to do this: > > ktpass -princ HTTP/[EMAIL PROTECTED] -mapuser svruser - > pass svruserpwd > > I'm working in a development environment and have done this many > times. I'd like to know which machines I have already mapped. How > can I get the list? The domain controller is Win Server 2003 SP1
from a cmd.exe prompt (on a computer joined to this domain,) you can run net group "domain computers" /domain to get a list all every computer account. (Assuming you are indeed using computer accounts and not user accounts.) You can then run the setspn.exe -L "computername" for each computername in the above list to see what mappings have been assigned. I do not know of a way to specifically list computers with modified SPNs without checking each and every object. <<CDC ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos