In environments using Active Directory as an identity provider, configure the service principal name (SPN) for the Keyfactor Command server as follows:
- On a server that has the setspn command available (typically it is available on domain controllers, as it installs as part of the Active Directory Domain Services role), open a command prompt using the “Run as administrator” option.
- Run the following command (where keyfactor.keyexample.com is the fully qualified domain name of your Keyfactor Command server or the DNS
The Domain Name System is a service that translates names into IP addresses. alias you are using to reference your Keyfactor Command server, if applicable, and KEYEXAMPLE\svc_keyfactorpool is the domain name and service account name of the service account under which the Keyfactor Command application pool for the Management Portal is running):
setspn –s HTTP/keyfactor.keyexample.com KEYEXAMPLE\svc_keyfactorpool