Windows Server: Sample uses of SETSPN

SPN means "Service Principal Name". In Active Directory you can set an SPN with the command line tool SETSPN. Find below some usage examples which I use often:

  • setspn -Q http/ ==> Check if the SPN "http/" exists
  • setspn -L MyServer ==> Show all SPNs for MyServer
  • setspn -X ==> Search for duplicate SPNs in the current domain
  • setspn -S http/ MyServer ==> Set the SPN for a specific Server object in AD. This also checks for duplicate SPNs

SPNs can also be viewed and edited in AD Attribute Editor under the attribute


of an AD object.

