I have a wcf application hosted in a windows service running a local windows account. Do I need to set an SPN for this account? If so, what's the protocol the SPN needs to be set under? I know how to do this for services over HTTP, but have never done it for net.tcp.
What SPN do I need to set for a net.tcp service?
By default (i.e. out of the box) net.tcp services are unsecured and don't perform any authentication at all. So you won't need (and in fact can't) set a service principal name.
If you need to authenticate, then check the net.tcp security modes on MSDN. The best way to understand the different combinations is to experiment!
Hey, chaps, why the downvotes? Pur-lease comment at the very least so we can all learn. –
Valenti
I have no idea - it helped me. Here's a +1 to cheer you up :) –
Utile
Change the service account to an AD account and register the SPN's as shown. Use your own service name e.g. fooservice
setspn -A fooservice/servermachinename domain\serviceAccountName
setspn -A fooservice/servermachinename.fullyqualifieddomainname domain\serviceAccountName
In the client config set:
<identity>
<serviceprincipalname value="fooservice/servermachinename" />
</identity>
By default (i.e. out of the box) net.tcp services are unsecured and don't perform any authentication at all. So you won't need (and in fact can't) set a service principal name.
If you need to authenticate, then check the net.tcp security modes on MSDN. The best way to understand the different combinations is to experiment!
Hey, chaps, why the downvotes? Pur-lease comment at the very least so we can all learn. –
Valenti
I have no idea - it helped me. Here's a +1 to cheer you up :) –
Utile
© 2022 - 2024 — McMap. All rights reserved.