On Mon, 28 Nov 2011, Ondrej Valousek wrote:
Yes. My understanding is the only difference between a service principal and a user principal is that the KDC will not issue a ticket granting ticket to a service principal.
jh
Yes and it is no wonder because UPN and SPN serve a different task. I recommend searching MS technet for this. They have a nice explanation for this.
In simple terms it's service for a receiver and user for initiator. Unfortunately this can sometimes get a little blury. NFSv4 is a good example of that.
jh