<div>
<a href="http://technet.microsoft.com/en-us/library/ff512685(WS.10).aspx" rel="ugc nofollow">http://technet.microsoft.com/en-us/library/ff512685(WS.10).aspx</a><br />
<br />
If the address that the clients use to contact the FIM Portal is not the same as the server address, you have to establish an SPN for HTTP.<br />
<br />
If you have only one instance of FIM and you are accessing it by the Server name, then you do not need to set the SPN. &nbsp;
</div>


http://technet.microsoft.com/en-us/library/ff512685(WS.10).aspx [http://technet.microsoft.com/en-us/library/ff512685(WS.10).aspx]

If the address that the clients use to contact the FIM Portal is not the same as the server address, you have to establish an SPN for HTTP.

If you have only one instance of FIM and you are accessing it by the Server name, then you do not need to set the SPN.  

<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
<br />
I am trying to set up a Service Principal Name (SPN) for the FIMservice with &nbsp;a domain account on Windows server 2008. The name of the service and account is FIMService<br />
<br />
My command is as below<br />
<br />
setspn -S FIMService/localhost CORP\FIMService <br />
<br />
The output of the command is : <br />
<br />
Ldap Error &lt;0X51 -- Server Down &gt;&nbsp;: ldap_connecct<br />
Failed to retrieve DN for domain &quot;&quot;&nbsp;: 0x00000051<br />
Warning: No valid targets specified, reverting to current domain<br />
FindDomainForAccoutn: Call to DsGetDcNameWithAccountW failed with return vlalue 0<br />
Unable to locate account FIMService<br />
<br />
My domain CORP has 2 WIndows Server 2008 R2 instances running and I am trying to set up an SPN for the FIMService on the non-DC instance.<br />
<br />
Please help<br />
<br />
Thanks
</div>
</div>


Hi,


I am trying to set up a Service Principal Name (SPN) for the FIMservice with  a domain account on Windows server 2008. The name of the service and account is FIMService

My command is as below

setspn -S FIMService/localhost CORP\FIMService 

The output of the command is : 

Ldap Error <0X51 -- Server Down > : ldap_connecct
Failed to retrieve DN for domain "" : 0x00000051
Warning: No valid targets specified, reverting to current domain
FindDomainForAccoutn: Call to DsGetDcNameWithAccountW failed with return vlalue 0
Unable to locate account FIMService

My domain CORP has 2 WIndows Server 2008 R2 instances running and I am trying to set up an SPN for the FIMService on the non-DC instance.

Please help

Thanks

Unable to set SPN for the FIM Service in Windows Server 2008 R2

Microsoft Forefront, formerly known as Internet Security and Acceleration Server (ISA Server), is a network router, firewall, antivirus program, VPN server and web cache that runs on Windows servers. It includes identity management and protection systems, and discontinued systems for threat management and network protection, along with protection for Sharepoint and Exchange. The scope of discussions includes forward and reverse proxy, application and service publishing, virtual private networks (VPNs), outbound access rules, SSL certificates and network routing within either a single node or an highly-available array pairing.

Microsoft Forefront ISA Server

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.