SPN Configuration
OK, I've done this several times before and have had no issues... so the command I think is correct. However I have no idea why it's failing. It says unknown parameter but the -A is used for adding and I think the syntax after that is correct. Help greatly
appreciated! Thanks!
C:\Users\Administrator>setspn.exe -A MSSQLSvc/serverA:1433 serverA\sqladmin
Unknown parameter MSSQLSvc/VAUSSQL:1433. Please check your usage.
Usage: setspn.exe [modifiers switch] [accountname]
Where "accountname" can be the name or domain\name
of the target computer or user account
July 12th, 2011 4:57pm
Have you tried using the FQDN for your SQLbox name?
Miguel Rodriguez
Free Windows Admin Tool Kit Click here and download it now
July 12th, 2011 5:04pm
I did... and odd I kept pasting the line in there, which I've done before and it failed. I had to type the whole thing out. Now I'm getting an error FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0
x0000054B; unable to locate account xyz
which is odd that it can't find the account because it's local to the box.
July 12th, 2011 5:22pm
You can't use a local user for an SPN. SPNs are used for mutual authentication in kerberos which requires a central authority like AD. You need to swicth your SQL Server service account to a domain one or better yet, if the instance is dedicated to ConfigMgr,
just change it to local SYSTEM. The best practice does not apply in this case because there is no user interaction with the DB.Jason | http://myitforum.com/cs2/blogs/jsandys | Twitter @JasonSandys
Free Windows Admin Tool Kit Click here and download it now
July 12th, 2011 5:38pm
Thanks Jason, problem resolved. I know I've used domain accounts prior and it worked but I thought I read that it could use local authentication as well. Thanks for your help
July 12th, 2011 10:53pm