根据
Setspn Overview,不鼓励使用Setspn -A添加SPN记录,建议使用Setspn -S代替.
据说Setspn -S在添加新SPN之前检查SPN是否已经存在. Setspn -A不执行此检查.
Although you can use Setspn -A to add an SPN,you should use Setspn -S
instead because -S will verify that there are no duplicate SPNs.
但是在Windows Server 2012上,我看到Setspn -S和Setspn -A的行为方式相同:如果存在帐户的SPN记录,那么我使用-A和-S参数都会失败.
Setspn -S和Setspn -A之间有什么真正的区别吗?
不再.你回答了自己的问题.显然已经决定不再需要原来的-A功能,不再检查重复…但是你不能随便扯掉-A out,因为某人的脚本在某处使用-A会打破.
http://technet.microsoft.com/en-us/library/hh831747.aspx
Changes to SetSPN
In Windows Server 2012,SetSPN will no longer be able to register
duplicate SPNs in a domain. When SetSPN –a is used,SetSPN will treat
it as SetSPN –s.For eveloping information about SetSPN,see Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe) on the TechNet Wiki. For the command reference,see Setspn in the TechNet Library.
