For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter. To enter multiple values and overwrite any existing entries, use the following syntax: Value1,...
若要添加非 FQDN (的 SPN,例如 HTTP/ContosoMail) ,还需要为 ExtendedProtectionFlags 参数使用 AllowDotlessSPN 值。 若要输入多个值并覆盖任何现有条目,请使用以下语法: Value1,Value2,...ValueN。 如果值包含空格或需要引号,请使用以下语法: "Value1","Value2",..."ValueN"。 若要在不影响任何现有条目...
Aliases: SPN Position: Named Default value: None Required: False Accept pipeline input: True Accept wildcard characters: False-BackendServerCertificateValidationSpecifies whether Web Application Proxy validates the certificate that the backend server presents. The acceptable values for this parameter are: ...
若要添加非 FQDN (的 SPN,例如 HTTP/ContosoMail) ,还需要为 ExtendedProtectionFlags 参数使用 AllowDotlessSPN 值。 若要输入多个值并覆盖任何现有条目,请使用以下语法: Value1,Value2,...ValueN。 如果值包含空格或需要引号,请使用以下语法: "Value1","Value2",..."ValueN"。 若要在不影响任何现有条目...
For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter. To enter multiple values and overwrite any existing entries, use the following syntax: Value1,...
[-ExtendedProtectionSPNList <MultiValuedProperty>] [-ExtendedProtectionTokenChecking <ExtendedProtectionTokenCheckingMode>] [-ExternalAuthenticationMethods <MultiValuedProperty>] [-ExternalDownloadHostName <String>] [-ExternalSPMySiteHostURL <String>] [-ExternalUrl <Uri>] [-FailbackUrl <Uri>] [-Filter...
For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter. To enter multiple values and overwrite any existing entries, use the following syntax: Value1,...
For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter. To enter multiple values and overwrite any existing entries, use the following syntax: Value1,...
The warning about the SPN is a known issue that can be fixed by running the following command at the command line (make sure you run the command line as an administrator): setspn -a host/localhost adfssvc Note thatadfssvcis the name of the service account I used...
AllowDotlessSPN:如果要使用服务主体名称 (SPN) 不包含 FQDN 的值, (例如 HTTP/ContosoMail 而不是 HTTP/mail.contoso.com) ,则是必需的。 使用 ExtendedProtectionSPNList 参数指定 SPN。 此设置使针对身份验证的扩展保护的安全性降低,因为无点证书不是唯一的,因此无法确保通过安全通道建立客户端到代理连接。