A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

How to easily Check your SPN and Delegation settings for SQL Server in an Active Directory environment

, ,

I was recently setting up some Linked SQL Servers for a customer to perform queries against a database on one server through another. One of the things you need to get right when setting up linked servers when using Service accounts in Active Directory is SPNs (or Service Principal Names) and Authority to Delegate (for Kerberos authentication) which can sometimes be quite cumbersome through ADUC or ADSI edit.

I then stumbled upon a little tool from Microsoft called the Microsoft Kerberos Configuration Manager for SQL Server. Running this little tool on the two SQL servers I could quickly and more easily see the SPNs (see picture to the right) and Delegation permissions.  As one server was quite old (and before my time) I could easily see that the SPNs configured for that particular service account were incorrect and the tool even allows you to fix this by generating the correct SPN. Hope that helps save some time in the future.

Leave a Reply

More Posts

How to Rename a SharePoint 2013 Content database name hosted on SQL Server

So I’ve been toying with SharePoint 2013 in my lab at home, doing the install and configuration at the moment, setting up my first Site after the initial configuration but noticed that I made a typo in the Database name.  So how do I go about fixing or renaming that database in SharePoint and in SQL […]

Thoroughly cleaning up a WSUS server

I was recently tasked with performing a clean-up of some of our servers, removing old files/software installations as well as a clean-up of our WSUS server.  After a quick look I could see that our previous administrator had set it to download Driver updates as well, which was taking up quite a large amount of […]

Finding the location of a device using an IP or MAC Address in HP intelligent Management Centre IMC (like you could in ProCurve Manager)

I was out at a client recently helping to clean up their iMC implementation and make some recommendations regarding their network setup. I was asked if you could look up Switch and Port number location of an end user device like you could in ProCurve Manager (PCM). Sure you can, the feature has been around […]