You need to identify the setspn.exe command that you must run to configure the appropriate Service Principal Name (SPN) for the web site

You are a network administrator of an Active Directory domain named contoso.com. You have a server named
Server1 that runs Windows Server 2012. Server1 has the Web Server (IIS) server role installed. Server1will
host a web site at URL https://secure.contoso.com. The application pool identity account of the web site will be
set to a domain user account named AppPool1. You need to identify the setspn.exe command that you must
run to configure the appropriate Service Principal Name (SPN) for the web site. What should you run?
To answer, drag the appropriate objects to the correct location. Each object may be used once, more than
once, or not at all.
Select and Place:

Answer:

Explanation:

Show Hint

← Previous question

Next question →

Leave a Reply 5

researcher

http://technet.microsoft.com/en-us/library/cc731241.aspx#BKMK_examples

“Example 3: Add a new SPN”

Fausto

The syntax is correct but the argument for -s was supposed to be https/ instead of http since the site hosted is https. so the command should’ve been:

setspn.exe -s https/secure.contoso.com AppPool1

xxx

The answer above is correct. HTTP ist not the protocol, it is the service class.

setspn.exe -s HTTP/secure.contoso.com AppPool1

>>>
The HTTP service class differs from the HTTP protocol. Both the HTTP protocol and the HTTPS protocol use the HTTP service class. The service class is the string that identifies the general class of service. Well-known service class names include “www” for a Web service and “ldap” for a directory service. Generally, the service class name can be any string that is unique to the service class. Be aware that the SPN syntax uses a forward slash character (/) to separate elements. Therefore, the forward slash character (/) cannot appear in a service class name.
>>>

Source: http://support.microsoft.com/kb/929650/en-us

Pirulo

This question has more than one possible answer:

setspn.exe -s http/secure.contoso.com AppPool1

setspn AppPool1 -s http/secure.contoso.com

source:
https://books.google.nl/books?id=6b3lBQAAQBAJ&pg=PA451&lpg=PA451&dq=setspn+CONTOSO%5CSP_WebApps+%E2%80%93s+HTTP/portal&source=bl&ots=xM3Gu2W0Xf&sig=ik6oXA1hMS3vpPEm1wIPV6Q5iJY&hl=fr&sa=X&ei=NIhDVfKfMcixadKcgaAO&redir_esc=y#v=onepage&q=setspn%20CONTOSO%5CSP_WebApps%20%E2%80%93s%20HTTP%2Fportal&f=false

-s = Add an entry to an account (only after checking for duplicates)

leonard

http/secure.contoso.com

https://support.microsoft.com/en-us/kb/929650
The HTTP service class

The HTTP service class differs from the HTTP protocol. Both the HTTP protocol and the HTTPS protocol use the HTTP service class. The service class is the string that identifies the general class of service. Well-known service class names include “www” for a Web service and “ldap” for a directory service. Generally, the service class name can be any string that is unique to the service class. Be aware that the SPN syntax uses a forward slash character (/) to separate elements. Therefore, the forward slash character (/) cannot appear in a service class name.