ServicePrincipalName
- Last Updated: January 6, 2017
- 1 minute read
- DataDirect Connectors
- JDBC
- MongoDB 6.0
- Documentation
Purpose
Specifies the three-part service principal name registered with the key distribution center (KDC) in a Kerberos configuration.
Valid Values
Service_Name/Fully_Qualified_Domain_Name@REALM_NAME
where:
- Service_Name
- is the name of the service hosting the instance. The default value is
mongodb.
- Fully_Qualified_Domain_Name
-
is the fully qualified domain name (FQDN) of the host machine. By default, the driver uses the value specified by the HostName property. This value must match the FQDN registered with the KDC. The FQDN consists of a host name and a domain name. For the example
myserver.test.com,myserveris the host name andtest.comis the domain name.
- REALM_NAME
-
is the name of the Kerberos realm. By default, the driver uses the default realm specified in the Kerberos configuration file. This part of the value must be specified in upper-case characters, for example,
EXAMPLE.COM. For Windows Active Directory, the Kerberos realm name is the Windows domain name.
Notes
- By default, the driver builds the ServicePrincipalName by concatenating
the service name
mongodb, the FQDN as specified with the HostName property, and the default realm name as specified in the Kerberos configuration file. If this value does not match the service principal name registered with the KDC, then the value of the service principal name registered with the KDC should be specified for the ServicePrincipalName property. - In a Kerberos configuration, an IP address cannot be used as a FQDN.
- If AuthenticationMethod is set to
userIdPassword, the value of the ServicePrincipalName property is ignored.
Example
The following is an example of a valid service principal name.
mongodb/myserver.test.com@EXAMPLE.COMDefault
Driver builds value based on environment