Must SPNs be configured for FIM and BHOLD?


  • When setting up FIM 2010 R2 in a test lab, I did not go through the motions to set up SPNs to enable Kerberos AuthN.  Now, while looking at BHOLD pre-reqs, it also mentions to configure SPNs.  However, is this only in the case that you care Kerberos is being used.  Security issues aside, will not configuring SPNs and therefore not using Kerberos cause functional issues for FIM/BHOLD down the road.  I presume the AuthN protocol is downgraded to NTLM if Kerb is not enabled.


    quarta-feira, 20 de março de 2013 15:00


  • Hi!

    Portal will work OK without SPN's But its better if you configure the SPN's. When you browse the portal from client machines, it will create a lot of securities issues.

    But if you want to configure Password registration and reset portal. Then you must have set SPN's

    And same for Bhold, its recommended.


    M. Irfan

    • Sugerido como Resposta M.Irfan quarta-feira, 20 de março de 2013 15:46
    • Marcado como Resposta Osho27 quarta-feira, 20 de março de 2013 16:44
    quarta-feira, 20 de março de 2013 15:46