Re: Multiple accounts with the name MSSQLSvc...
From: Donna Lambert (DonnaLambert_at_discussions.microsoft.com)
Date: 04/28/05
- Next message: Donna Lambert: "RE: Login failed for user 'sa'"
- Previous message: sql rookie: "application login , but user security"
- In reply to: Jens Süßmeyer: "Re: Multiple accounts with the name MSSQLSvc..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Apr 2005 09:32:16 -0700
The SPN should be registered under the account SQL is starting under, and
ONLY that account.
You can use the utility setspn to check for the existence of other spn's,
delete the ones you don't want, and add the one you need.
Please note...you are NOT deleting the ACCOUNT, but the Service Principle
Name, which resides IN that user object.
Here's an article with more info than you ever wanted to know about SQL and
SPN's.:
http://support.microsoft.com/default.aspx?scid=kb;en-us;811889
but there are links to getting setspn in there.
Donna Lambert
"Jens Süßmeyer" wrote:
> Somebody setup the SPN for the service account on those machines,
> unfortunately the same SPN has been promoted more than one time.
>
> Jens Suessmeyer.
>
>
> "Michel Schuurman" <ms_remove_@omni-trade.nl> schrieb im Newsbeitrag
> news:uW9$Ad9SFHA.2172@tk2msftngp13.phx.gbl...
> > Hi,
> >
> > Got a KDC Error with the following description:
> >
> > ==========================================
> > Event Type: Error
> > Event Source: KDC
> > Event Category: None
> > Event ID: 11
> > Date: 28-04-2005
> > Time: 2:01:01
> > User: N/A
> > Computer: server
> > Description:
> > There are multiple accounts with name MSSQLSvc/server.domain.local:1433 of
> > type DS_SERVICE_PRINCIPAL_NAME.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> > ==========================================
> >
> >
> > The LDP-tool gives the following results:
> >
> > ==========================================
> > ***Searching...
> > ldap_search_s(ld, "DC=domain,DC=local", 2,
> > "serviceprincipalname=MSSQLSvc/server.domain.local:1433", attrList, 0,
> > &msg)
> > Result <0>: (null)
> > Matched DNs:
> > Getting 2 entries:
> >>> Dn: CN=Administrator,CN=Users,DC=domain,DC=local
> > 4> objectClass: top; person; organizationalPerson; user;
> > 1> cn: Administrator;
> > 1> description: Built-in account for administering the computer/domain;
> > 1> distinguishedName: CN=Administrator,CN=Users,DC=domain,DC=local;
> > 1> name: Administrator;
> > 1> canonicalName: domain.local/Users/Administrator;
> >>> Dn: CN=server,OU=Domain Controllers,DC=domain,DC=local
> > 5> objectClass: top; person; organizationalPerson; user; computer;
> > 1> cn: server;
> > 1> distinguishedName: CN=server,OU=Domain Controllers,DC=domain,DC=local;
> > 1> name: server;
> > 1> canonicalName: domain.local/Domain Controllers/server;
> > ==========================================
> >
> > Can anyone explain me what I can do about this? Deleting one of the
> > accounts is not an option I guess... I read that in some cases a computer
> > or user should be unregistered en registered again but in this case I'm
> > not so confident about it re-registring the Server itself or the
> > administrator-account..
> >
> > Any help on this is much appreciated.
> >
> >
> >
> > Michel Schuurman
> >
> > Omni Trade Automatisering B.V.
> >
>
>
>
- Next message: Donna Lambert: "RE: Login failed for user 'sa'"
- Previous message: sql rookie: "application login , but user security"
- In reply to: Jens Süßmeyer: "Re: Multiple accounts with the name MSSQLSvc..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
