Now, if i manually go into the account in ADSIEdit and add the SPN that way, it seems to work fine, though our SQL Server still doesn't run with KERBEROS
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Hi All,
I have this issue with an SQL Server at the moment...
I update the SPN using:
C:\Users\Administrator>setspn -A MSSQLSvc/HOSTNAME.DOMAIN.DNS:1433 DOMAIN\
SQLEngine_JPTKYDNSV2
Registering ServicePrincipalNames for CN=SQLEngine HOSTNAME,OU=Accounts,OU=M
icrosoft SQL Server,OU=Enterprise Applications,DC=DOMAIN,DC=dns
MSSQLSvc/HOSTNAME.DOMAIN.DNS:1433
Updated object
i wait for the replication to occur or kick it off manually with:
C:\>repadmin /syncall
CALLBACK MESSAGE: The following replication is in progress:
From: 6f69988a-4eff-4278-85a4-2bd1c7fe27a9._msdcs.domain.dns
To : acd5ca47-422e-48bd-a05d-c16c45a10693._msdcs.domain.dns
CALLBACK MESSAGE: The following replication completed successfully:
From: 6f69988a-4eff-4278-85a4-2bd1c7fe27a9._msdcs.domain.dns
To : acd5ca47-422e-48bd-a05d-c16c45a10693._msdcs.domain.dns
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
Looks OK
running setspn -L returns
C:\Users\Administrator>setspn -L HOSTNAME
Registered ServicePrincipalNames for CN=HOSTNAME,OU=Servers,OU=Microsoft SQL
Server,OU=Enterprise Applications,DC=DOMAIN,DC=dns:
TERMSRV/HOSTNAME
TERMSRV/HOSTNAME.domain.dns
HOST/HOSTNAME
HOST/HOSTNAME.domain.dns
Running a duplicate check returns
C:\Users\Administrator>setspn -X
Processing entry 0
found 0 group of duplicate SPNs.
Weird?
Now, if i manually go into the account in ADSIEdit and add the SPN that way, it seems to work fine, though our SQL Server still doesn't run with KERBEROS
Share this post
Link to post
Share on other sites