Question

I have a question about how to manually set SPN for using Kerberos authentication on a SQL cluster.

Do I set one SPN on the clustername or one on each node? enter image description here

I also have a default named instance, do i specify the name of the instance?

Was it helpful?

Solution

To create a SPN for a SQL FCI, use the FQDN of the FCI instance. For example, if the FCI name is "SQLFCI1" on the contoso domain and it listens on port 22000 with domain account SQLSvcAcct then the spn would be: setspn -s MSSQLSvc/SQLFCI1.contoso.com:22000 Contoso\SQLSvcAcct

If you don't want to deal with doing this by hand there is a great tool provided by Microsoft for this.

Licensed under: CC-BY-SA with attribution
Not affiliated with dba.stackexchange
scroll top