J'ai wrestled avec service principle names a peu de times now et le Microsoft explanation is juste pas sufficient. Je suis configuring an IIS application to work on our domain et it looks like certains of mon issues are related to mon need to configure http specific SPNs on the windows service account that is running le application pool hosting mon site.
All this has made me realize I juste ne fully get le relationship entre service types (MSSQL, http, host, termsrv, wsman, etc.), Kerberos authentication, active directory computer accounts (PCName$), windows services accounts, SPNs, et le user account Je suis using to try et access a service.
Can someone please explain Windows Service Principle Names (SPNs) sans oversimplifying le explanation?
Bonus points for a creative analogy that would resonate avec a moderately experienced system administrator/developer.
