3

I have 4 Domains, 1 Forest Root, 3 children. The children are nearly replicas, and have their machines named the same in all 3 child domains.

For Example:

DC1.dev.example.com
DC2.dev.example.com
DC1.test.example.com
DC2.test.example.com
DC1.prod.example.com
DC2.prod.example.com

From what I can tell, the only issue is the SPN duplication on domain join that requires manually fixing.

DC1.dev.example.com
HOST/DC1
HOST/DC1.dev.example.com

The shortname is a duplicate, so when I add test, the SPNSET function of the AD Domain join process fails, if I manually enter the fqdn in the computer name (extended attributes, service principle names) all is well.

Can I prevent the shortname from being added to SPN?

Jacob Evans
  • 7,636
  • 3
  • 25
  • 55

1 Answers1

0

"Can I prevent the shortname from being added to SPN?"

No.

But you can automate it with a script to add the machines to the domain, including following up with the manual changes. That way you can automated the whole process.

These links should help with that.

http://powershellblogger.com/2015/10/join-computer-to-domain-with-desired-computer-name-and-ou/

https://technet.microsoft.com/en-gb/library/ee617263.aspx

bao7uo
  • 1,664
  • 11
  • 24
  • we already automate domain join processes, and a post setup script could be done, however this is not an answer. – Jacob Evans Dec 16 '16 at 02:27
  • Also this will not work for MSSQL Listeners, which also add shortnames – Jacob Evans Dec 16 '16 at 03:59
  • Sorry, you are right - I didn't actually answer your question! "Can I prevent the shortname from being added to SPN?" The answer is "no". Although please realise that I am trying to help! You didn't mention sql listeners. Maybe this can help - there are more reputable sources, but they don't go into enough detail. https://jeromequief.wordpress.com/2014/05/12/sql-2012-ha-groups-unattended/ – bao7uo Dec 16 '16 at 08:10