December 6, 2018 at 2:25 pm
Hi All.
I am facing a strange situation or common I don't know.
Issue : The sql server agent was running in Windows NT account. So, as you might be aware this is not a safe option to have.
I requested the team to create domain account and all was good. Now, the problem is SSPI error for one of the application.
""SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: ]""
As a temp remedy, I switched the agent to NT account again but that does not resolve the issue. The main purpose of running the agent under domain account is not met. Please advise as logs does not help. Where we need to add this account or what needs to be done so that domain account can be used and also application works fine.
Thank you!
December 6, 2018 at 2:34 pm
Register an SPN under the domain account for the name the application is using in it's connection string.
December 6, 2018 at 2:37 pm
Thank you! for quick reply.
Is it possible for you to share with me step by step process?
Much appreciated!
December 6, 2018 at 2:53 pm
At a command prompt:
setspn -A MSSQLSvc/myhost.redmond.microsoft.com redmond\accountname
Of course replace the myhost.redmond.microsoft.com with the name used in the connection string used by the application and redmond\accountname with the domain account.
If an SPN already exists, it must be deleted before it can be reregistered. You do this by using the setspn command together with the -D switch.
setspn /? will give you all the options
December 6, 2018 at 7:51 pm
A genuine thank you. It is amazing to get so much help from this forum and great people.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply