
Question and Answer:

  Home  Active Directory

⟩ Define computer acccounts in Active Directory?

Each computer account created in Active Directory has a relative distinguished name, a preWindows 2000 computer name (SAM account name), a primary DNS suffix, a DNS host name and a service principal name. This computer name is used as the LDAP relative distinguished name.

Active Directory suggests the pre-Windows 2000 name using the first 15 bytes of the relative distinguished name. This can be changed at any time. The primary DNS suffix defaults to the full DNS name of the domain to which the computer is joined. The DNS host name is built from the first 15 characters of the relative distinguished name + the primary DNS suffix. The service principal name is built from the DNS host name. The service principal name is used in the process of mutual authentication between the client and the server hosting a particular service. The client finds a computer account based on the service principal name of the service to which it is trying to connect.


More Questions for you: