Questions tagged [spn]

25 questions
10
votes
3 answers

What should my SPN entries look like for each SQL instance?

I'm finding contradictory information for how exactly to format SPNs (Service Principal Names) to get the proper Kerberos connections, and how many I need for each SQL instance. This 2017 MS document contains the following: Beginning with SQL…
BradC
4
votes
1 answer

set SPN on SQL cluster

I have a question about how to manually set SPN for using Kerberos authentication on a SQL cluster. Do I set one SPN on the clustername or one on each node? I also have a default named instance, do I specify the name of the instance?
hanness
3
votes
2 answers

How to prevent SQL Server service account from registering / deregistering SPN?

The service account is a domain account. It is not a domain admin (nor is it a member of any group that is a domain admin). It has neither "write servicePrincipalName" nor "Write public information" permission (nor a member of a group with these…
Henry Lee
2
votes
0 answers

SQL Server could not register the Service Principal Name (SPN) ... without membership in Domain Admins

A separate domain account was created for the database engine service of a SQL Server Failover Cluster Instance. Server Principal Names (SPNs) were added manually via the SetSPN.exe command line tool. If the domain account for the database engine…
Dave Mason
2
votes
2 answers

Registration of SPNs for Availability Groups

Manually registering SPNs for Availability group - Do I need to register SPNs for the AG Listener as well as the individual nodes, for both the instance name and the listening ports for the managed service account? The application uses the Listener…
PTL_SQL
2
votes
1 answer

Restore over dns alias fails with Operating system error 1326(The user name or password is incorrect.)

Following configuration: SQL Server is running on server.domain.intra with a gMSA. DNS alias: server-db-dev.domain.intra gMSA Permissions on backup share: Full Control SPNs set for…
Shashahan
2
votes
1 answer

What is Accepted NTLM SPNs

In SQL Server Configuration Manager on the Advanced tab in TCP/IP Protocol properties box there is an option Accepted NTLM SPNs. What is the use of that option and how it can be used?
admin
2
votes
0 answers

Enabling Kerberos for Microsoft SQL Server Reporting Services

I am trying to enable Kerberos for MS SQL Server Reporting Services. I am fairly familiar with Windows security and how it works. However, I am new to Scale Out Deployment and Clustering of Windows Servers. I know I need to add SPNs that direct…
lawlesm
2
votes
1 answer

SQL Server - register Service Principal Name without service restart?

I have a live SQL Server 2012 environment that had no SPN registered - this has previously not been an issue as Kerberos authentication wasn't required. But now it is required. I have configured everything correctly, but after these changes I want…
paulH
2
votes
0 answers

SQL Server SPNs not being created, state: 43

I'm trying to configure a SQL Server 2014 (12.0.5000.0) instance to use a regular user account in AD and Kerberos auth. During installation the default accounts (local system ones) were used, and the SPNs MSSQLSvc/:[ | ]…
2
votes
1 answer

SPN clarifications

We are getting below message: ‘SQL Server cannot authenticate using Kerberos because the Service Principal Name (SPN) is missing, misplaced, or duplicated.’ I found an article on how to get it fixed. But I still have the following…
Learning_Learning
1
vote
2 answers

The SQL Server Network Interface library could not deregister the Service Principal Name

After Windows patching (Windows 2008 R2, SQL Server 2012 SP2), I could not start SQL Server Service. I get error 1067 and this from the error log: The SQL Server Network Interface library could not deregister the Service Principal Name (SPN) for…
user42148
1
vote
0 answers

Windows authentication on remote client accessing SQL Server 2022 with SSMS

I have installed SQL Server 2022 on Windows Server 2019 Datacenter, and applied the March SQL Server 2022 Cumulative Updates. Also installed on the server is SSMS 18.12.1 and 19.0.2. On a remote machine, I have SSMS 19.0.2. Both machines are on the…
1
vote
0 answers

SSIS 2017 KerberosSupport - Double Hop Issue

I am having an issue with what appears to be a Kerberos double hop issue with SSIS 2017. The setup consists of a backend database cluster servers (DBSERVER01\02) an Application\SSIS server (APPSERVER01) and various clients connecting from other…
David
1
vote
1 answer

Connection to database causes SSPI context error

I have migrated a SQL server from another server box that was decommissioned. They have the same name and also same IP address. However, when I connect to the server from an application using trusted connection, I get the "SSPI context not…
damola