June 5, 2018 at 12:34 pm
I've got an issue getting an instance of sql server 2016 sp 1 cu 8 to register the SPN on restart of the server. I am able to manually register the SPN and the SPN will register if I restart the sql service. It simply will not register when I restart the server. Any thoughts on what to look at next would be appreciated. Thanks.
June 5, 2018 at 1:40 pm
Samwell - Tuesday, June 5, 2018 12:34 PMI've got an issue getting an instance of sql server 2016 sp 1 cu 8 to register the SPN on restart of the server. I am able to manually register the SPN and the SPN will register if I restart the sql service. It simply will not register when I restart the server. Any thoughts on what to look at next would be appreciated. Thanks.
The service account would need ReadServicePrincipalName and WriteServicePrincipalName permissions in Active Directory.
Sue
June 5, 2018 at 2:09 pm
I've already worked with my network admins to get these permissions assigned. Besides, I don't think the SPN would register when I restart the service if those permissions weren't there.
June 5, 2018 at 2:33 pm
Samwell - Tuesday, June 5, 2018 2:09 PMI've already worked with my network admins to get these permissions assigned. Besides, I don't think the SPN would register when I restart the service if those permissions weren't there.
You can manually register the SPNs if the service account does not have those permissions.
Sue
June 5, 2018 at 2:39 pm
Samwell - Tuesday, June 5, 2018 2:09 PMI've already worked with my network admins to get these permissions assigned. Besides, I don't think the SPN would register when I restart the service if those permissions weren't there.
How to grant ReadServicePrincipalName and WriteServicePrincipalName rights to SQL Server service start-up account without using ADSDIEDIT tool.
Dynamically Set SPN's for SQL Service Accounts
SQL Server – Could not register the Service Principal Name
SPN Delegation in Active Directory
Pretty much all say the same thing. ReadServicePrincipalName and WriteServicePrincipalName permissions
Sue
June 5, 2018 at 2:51 pm
Folks, ReadServicePrincipalName and WriteServicePrincipalName permissions have already been assigned. I have several servers using the same domain svc account and they have no issue registering the SPN.
Specifically, the SPN won't register when the server is rebooted. It registers if I restart the service or if I do it manually. It is cumbersome to have to manually do this every time the server is restarted and I can't restart the sql service on a production server without causing chaos.
June 5, 2018 at 7:03 pm
I've seen that happen when there is a tiniest time difference on the clock vs domain server. Setting up a dependency on the time service can solve the issue if this is the reason
Or in same cases with clustered instances.
What type of windows account you using? normal AD account, MSA or GMSA
And what, if any, errors/messages are on the log before the "failed to register spn" message
June 8, 2018 at 9:19 am
I set the sql services to start automatically with delay and that seems to have resolved the issue.
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply