从Linux构build服务器创build一个SPN

我正在设置一个可以自动为新公开的服务URL创buildSPN的进程。 我知道如何使用带有正确的特权的setspn -A命令来创buildWindows的SPN。

由于我的构build服务器在Linux上运行,我想知道除了login到Windows服务器并运行setspn – 从Linux服务器创buildSPN吗?

当您使用setspn工具时,您所做的只是修改AD中指定的计算机/用户的servicePrincipalName属性。

要从Linux机器上执行相同的操作,只需使用LDAP工具连接到域控制器,并像修改其他任何一个一样修改属性。 请记住,这是一个多值属性。 因此,不要意外清除目标上可能存在的条目。

用于Windows远程pipe理 (WinRM)的Python库可让您在Linux计算机上的Windows计算机上运行远程命令

pywinrm是Windows远程pipe理(WinRM)的Python客户端。 这使您可以从任何可以运行Python的机器上调用目标Windows机器上的命令。

https://blogs.technet.microsoft.com/heyscriptingguy/2015/10/27/using-winrm-on-linux/

https://github.com/diyan/pywinrm

我不认为有一个在Active Directory中注册SPN的Linux工具。 根据您的应用程序以及如何设置,您可以委派服务帐户注册SPN。

 Open Active Directory Users and Computers. To open Active Directory Users and Computers, click Start, click Run, type dsa.msc, and then press ENTER. Click View, and verify that the Advanced Features check box is selected. Click Advanced Features, if it is not selected. If the domain to which you want to allow a disjoint namespace does not appear in the console, take the following steps: In the console tree, right-click Active Directory Users and Computers, and then click Connect to Domain. In the Domain box, type the name of the Active Directory domain to which you want to allow the disjoint namespace, and then click OK. As an alternative, you can use the Browse button to locate the Active Directory domain. In the console tree, right-click the node that represents the domain to which you want to allow a disjoint namespace, and then click Properties. On Security tab, click Advanced. On the Permissions tab, click Add. In Enter the object name to select, type the group or user account name to which you want to delegate permission, and then click OK. Configure the Apply onto box for Computer objects. At the bottom of the Permissions box, select the Allow check box that corresponds to the Validated write to service principal name permissions, and then click OK on the three open dialog boxes to confirm your changes. Close Active Directory Users and Computers.