Jun 23 2022 01:54 PM
I've been looking at eliminating NTLM use in my domain, and noticed that Windows clients' print spooler service is falling back to using NTLM to reach the print server. Digging deeper, it's making a request that I can't decipher at all...
"The service principal name (SPN) krbtgt/NT Authority@<my domainfqdn> is not registered, which caused Kerberos authentication to fail: 0x7. Use the setspn command-line tool to register the SPN."
Kerberos auth works for everything else in the domain, I'm ONLY seeing this from the print spooler.
Sep 16 2022 01:53 PM
Dec 08 2022 08:21 AM
Mar 03 2023 10:02 AM