January 6, 2009 at 3:31 pm
When I start the SQL Server service I get the following error
The SQL Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. Error: 0x2098, state: 15. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies.
I am not too sure what this means. This is my first attempt to set up a server from scratch - they are usually already configured by our network team.
Could someone please provide some guidance as I have Googled this to death and cannot find anything to run with.
I do use a domain service account for the SQL Services but I am not sure what all permissions a true service account needs. I gave it local admin on the SQL server itself but might be missing something else.
Thanks
January 6, 2009 at 8:11 pm
This is an expected message if the server runs under local admin or any domain account.
If you run SQL as Network Service or Local System, then the service will have ability to self-register it's SPN.
If you run SQL as any other account, you will see this error message. If you want to use Kerberos to connect to your SQL Server, you will need to manually register the SPN for the account that SQL Server is running under using the SetSPN tool.
See blog entry for more details:
http://blogs.msdn.com/sql_protocols/archive/2005/10/12/479871.aspx
MJ
January 7, 2009 at 5:06 am
Thanks very much. That makes more sense to me now
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply