I have a Windows 2008 R2 domain controller with more than 60 user accounts. Each time one of these users tries to connect to the DC authentication "falls back" to NTLM. Kerberos authentication fails because the users' SPNs are missing.
I would like to set this attribute for all the user accounts. Do I have to manually set manually the SPN attribute for each user? Or is there a better solution?