I'm working on disabling NTLM in our setup, and I've encountered an issue with accessing a file share that's on a Windows file server in our partner's trusted domain. It seems like I'm only seeing traffic on port 445 and not port 88. Do I need to configure a Service Principal Name (SPN) for the file share when using \\share.domain.local? If that's the case, where exactly should I add this SPN? Any guidance would be greatly appreciated!
5 Answers
Remember, the SPN for the file share will be associated with the computer object in the partner's domain. If you're having access issues, running a packet capture with Wireshark could help you see if any necessary ports are being blocked.
Try accessing the share using the fully qualified domain name (FQDN). If you're using an alias, that might be causing the issue.
Just a heads-up, don't open port 445 without setting up an SPN first. That could expose your network to hackers trying to gain access.
First off, check if the trust between your domains is a two-way forest trust. The SPN needs to be in the other domain. Sometimes, they might create a DNS entry and not set an SPN, which can lead to confusion.
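
The checks the answers above point to (name resolution, the SPN in the partner domain, port 88 reachability, a ticket request), collected as an added PowerShell example that is not part of any answer. `share.domain.local` is the name from the question; `$PartnerDomain` is an assumed value to replace with the partner domain's DNS name.

```powershell
# Added diagnostic example; run from a domain-joined client as a domain user.
$ShareHost     = 'share.domain.local'   # name used in the UNC path (from the question)
$PartnerDomain = 'domain.local'         # ASSUMPTION: DNS name of the partner domain

# 1. How does the name resolve? If it is an alias (CNAME or an extra A record)
#    rather than the file server's own host name, it needs its own SPN.
Resolve-DnsName -Name $ShareHost -ErrorAction Stop |
    Select-Object Name, Type, NameHost, IPAddress |
    Format-Table -AutoSize

# 2. Is an SPN registered for that name in the partner domain?
#    cifs/ is covered by HOST/ by default, so either registration is sufficient.
foreach ($class in 'cifs', 'HOST') {
    Write-Host "`n--- setspn query: $class/$ShareHost in $PartnerDomain ---"
    setspn -T $PartnerDomain -Q "$class/$ShareHost"
}

# 3. Can this client reach a KDC in the partner domain on port 88?
#    The service ticket is issued by the partner domain's KDC, so the client
#    needs a path to it, not only to its own domain controllers.
$kdc = Resolve-DnsName -Name "_kerberos._tcp.$PartnerDomain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -First 1 -ExpandProperty NameTarget
Test-NetConnection -ComputerName $kdc -Port 88 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded

# 4. Request a service ticket for the share name directly.
#    An error here while steps 1-3 look healthy points at the SPN or the trust.
klist get "cifs/$ShareHost"

# 5. List cached tickets; a cifs/ entry for the share name means Kerberos
#    is in use for that connection.
klist
```

If step 2 finds no SPN, an administrator of the partner domain can register one on the file server's computer object with `setspn -S cifs/<name> <computer account>`.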
