Brian et. al., we are struggling to get SQL authentication with Kerberos running on a SQL 2014 named instance called SHAREPOINT, port number 5733. The default instance on this db server is occupied by Lync. I read your article -- very concise and helpful, thank you. We've tried everything we can think of but SQL still reports all connections are defaulting to NTLM.

One point of confusion is this -- after starting and restarting the SQL named instance, we got 2 SPN's automatically created, as follows:

MSSQLSvc/<hostname.domain.net:5733> <account> and

MSSQLSvc/<hostname.domain.net:SHAREPOINT> <account>

Your article suggests (like others I've read) that we also need an SPN for the NetBIOS name of the server and port number. In other words:

MSSQLSvc/<hostname:5733> <account> and

MSSQLSvc/<hostname:SHAREPOINT>

BUT no matter what we do or try, SETSPN rejects these two commands w/ a syntax error, saying that "MSSQLSvc/<hostname:5733> is an unknown parameter".

So, when using a NAMED INSTANCE for SHAREPOINT, do we need 2 or 4 SPN's on the service account? And what is causing the syntax error problem we keep seeing when specifying only the host name?

We are stumped and need some advice.

Thanks.