A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

How to easily Check your SPN and Delegation settings for SQL Server in an Active Directory environment

, ,

I was recently setting up some Linked SQL Servers for a customer to perform queries against a database on one server through another. One of the things you need to get right when setting up linked servers when using Service accounts in Active Directory is SPNs (or Service Principal Names) and Authority to Delegate (for Kerberos authentication) which can sometimes be quite cumbersome through ADUC or ADSI edit.

I then stumbled upon a little tool from Microsoft called the Microsoft Kerberos Configuration Manager for SQL Server. Running this little tool on the two SQL servers I could quickly and more easily see the SPNs (see picture to the right) and Delegation permissions.  As one server was quite old (and before my time) I could easily see that the SPNs configured for that particular service account were incorrect and the tool even allows you to fix this by generating the correct SPN. Hope that helps save some time in the future.

Leave a Reply

More Posts

Using HP Intelligent Management Center (IMC) to push out configuration changes to your Network Switches

I’m currently consulting out at a school and implementing some changes for their environment, one of which is tightening up their networking environment seeing as I don’t want to remote into 60 odd switches to make changes to each of them we can use HP’s Intelligent Management Center (which schools generally get on the cheap).  […]

Handy Tips when troubleshooting Active Directory Replication Issues

Over the years I’ve come across a number of different environments with many running Active Directory in many different states. Replication is an important part of ensuring that your AD environment is healthy and highly available to service end users. I’ve compiled some notes around Active Directory Replication commands and gathering information. Firstly, just give […]

How to Multicast a Ghost image (GhostCast) using the Altiris Deployment Console 6.9

We recently needed to image a large number of machines in a short amount of time.  Anyone who has dealt with Altiris and use Ghost as their method of imaging know that Altiris wont by default Multicast the image and will instead push it out individually to each client that connects. So here is a […]