SCROLL
2 года назад
129 просмотров
Комментариев нет
Среднее время на прочтение: 3 мин.

MSSQL Server ошибка при подключении — The target principal name is incorrect. Cannot generate SSPI context.

В один момент не смог подключится к своему MSSQL Server используя Windows Authentication, получал ошибку — The target principal name is incorrect. Cannot generate SSPI context.

В логах видно что не удается зарегистрировать Service Principal Name (SPN) службы SQL Server:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
Date 1/27/2023 4:31:22 PM
Log SQL Server (Current - 1/27/2023 5:12:00 PM)
Source Server
Message
SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required.
Date 1/27/2023 4:31:22 PM
Log SQL Server (Current - 1/27/2023 5:12:00 PM)
Source Server
Message
The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/n******4005.example.local:N******4005 ] for the SQL Server service. Windows return code: 0x21c7, state: 15. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
Date 1/27/2023 4:31:22 PM Log SQL Server (Current - 1/27/2023 5:12:00 PM) Source Server Message SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required. Date 1/27/2023 4:31:22 PM Log SQL Server (Current - 1/27/2023 5:12:00 PM) Source Server Message The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/n******4005.example.local:N******4005 ] for the SQL Server service. Windows return code: 0x21c7, state: 15. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
Date        1/27/2023 4:31:22 PM
Log        SQL Server (Current - 1/27/2023 5:12:00 PM)
Source        Server
Message
SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required.

Date        1/27/2023 4:31:22 PM
Log        SQL Server (Current - 1/27/2023 5:12:00 PM)
Source        Server
Message
The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/n******4005.example.local:N******4005 ] for the SQL Server service. Windows return code: 0x21c7, state: 15. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.

 

Быстро диагностировать и исправить проблемы можно утилитой — Microsoft Kerberos Configuration Manager (KCM).

 

На компьютере, на котором возникла проблема с подключением, скачиваем и устанвливаем Kerberos Configuration Manager.

JUQwJUExJUQwJUJBJUQwJUIwJUQxJTg3JUQwJUIwJUQxJTgyJUQxJThDJTIwJUQwJUJDJUQwJUJFJUQwJUI2JUQwJUJEJUQwJUJFJTIwJUQxJTgxJTIwJUQwJUJFJUQxJTg0JUQwJUI4JUQxJTg2JUQwJUI4JUQwJUIwJUQwJUJCJUQxJThDJUQwJUJEJUQwJUJFJUQwJUIzJUQwJUJFJTIwJUQxJTgxJUQwJUIwJUQwJUI5JUQxJTgyJUQwJUIwJTIwJUUyJTgwJTk0JUMyJUEwaHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbSUyRmVuLXVzJTJGZG93bmxvYWQlMkZkZXRhaWxzLmFzcHglM0ZpZCUzRDM5MDQ2

 

JUQwJTk3JUQwJUIwJUQwJUJGJUQxJTgzJUQxJTgxJUQwJUJBJUQwJUIwJUQwJUI1JUQwJUJDJTIwS2VyYmVyb3NDb25maWdNZ3IuZXhlJTIwJUQwJUI4JUQwJUI3JTIwJUQwJUJGJUQwJUIwJUQwJUJGJUQwJUJBJUQwJUI4JTIwQyUzQSU1Q1Byb2dyYW0lMjBGaWxlcyU1Q01pY3Jvc29mdCU1Q0tlcmJlcm9zJTIwQ29uZmlndXJhdGlvbiUyME1hbmFnZXIlMjBmb3IlMjBTUUwlMjBTZXJ2ZXIlMjAlRDAlQjglRDElODElRDAlQkYlRDAlQkUlRDAlQkIlRDElOEMlRDAlQjclRDElODMlRDElOEYlMjAlRDElODMlRDElODclRDAlQjUlRDElODIlRDAlQkQlRDElODMlRDElOEUlMjAlRDAlQjclRDAlQjAlRDAlQkYlRDAlQjglRDElODElRDElOEMlMjAlRDAlQjQlRDAlQkUlRDAlQkMlRDAlQjUlRDAlQkQlRDAlQjAlMkMlMjAlRDElODMlMjAlRDAlQkElRDAlQkUlRDElODIlRDAlQkUlRDElODAlRDAlQkUlRDAlQjklMjAlRDAlQjUlRDElODElRDElODIlRDElOEMlMjAlRDElODAlRDAlQjAlRDAlQjclRDElODAlRDAlQjUlRDElODglRDAlQjUlRDAlQkQlRDAlQjglRDElOEYlMjAlRDAlQjQlRDAlQkIlRDElOEYlMjAlRDAlQkYlRDAlQkUlRDAlQjQlRDAlQkElRDAlQkIlRDElOEUlRDElODclRDAlQjUlRDAlQkQlRDAlQjglRDElOEYlMjAlRDAlQkElMjAlRDAlQkElRDAlQkUlRDAlQkMlRDAlQkYlRDElOEMlRDElOEUlRDElODIlRDAlQjUlRDElODAlRDElODMlMjBTUUwlMjBTZXJ2ZXIlMkMlMjAlRDAlQkElMjAlRDAlQkElRDAlQkUlRDElODIlRDAlQkUlRDElODAlRDAlQkUlRDAlQkMlRDElODMlMjAlRDAlQkQlRDAlQjUlMjAlRDAlQkMlRDAlQkUlRDAlQjYlRDAlQjUlRDAlQkMlMjAlRDAlQkYlRDAlQkUlRDAlQjQlRDAlQkElRDAlQkIlRDElOEUlRDElODclRDAlQjglRDElODIlRDElOEMlRDElODElRDElOEYu

Нажимаем Connect. На форме подключения оставляем имя сервера и учетные данные, пустыми.

 

JUQwJTlGJUQwJUJFJUQxJTgxJUQwJUJCJUQwJUI1JTIwJUQxJTgyJUQwJUJFJUQwJUIzJUQwJUJFJTJDJTIwJUQwJUJBJUQwJUIwJUQwJUJBJTIwS0NNJTIwJUQwJUI3JUQwJUIwJUQwJUIyJUQwJUI1JUQxJTgwJUQxJTg4JUQwJUI4JUQxJTgyJTIwJUQwJUI4JUQwJUI3JUQwJUIyJUQwJUJCJUQwJUI1JUQxJTg3JUQwJUI1JUQwJUJEJUQwJUI4JUQwJUI1JTIwJUQwJUJEJUQwJUI1JUQwJUJFJUQwJUIxJUQxJTg1JUQwJUJFJUQwJUI0JUQwJUI4JUQwJUJDJUQwJUJFJUQwJUI5JTIwJUQwJUI4JUQwJUJEJUQxJTg0JUQwJUJFJUQxJTgwJUQwJUJDJUQwJUIwJUQxJTg2JUQwJUI4JUQwJUI4JTJDJTIwJUQwJUJGJUQwJUI1JUQxJTgwJUQwJUI1JUQxJTg1JUQwJUJFJUQwJUI0JUQwJUI4JUQwJUJDJTIwJUQwJUJEJUQwJUIwJTIwJUQwJUIyJUQwJUJBJUQwJUJCJUQwJUIwJUQwJUI0JUQwJUJBJUQxJTgzJTIwU1BOLiUyMCVEMCU5NSVEMSU4MSVEMCVCQiVEMCVCOCVDMiVBMEtDTSUyMCVEMCVCRCVEMCVCMCVEMCVCOSVEMCVCNCVEMCVCNSVEMSU4MiUyMCVEMCVCRiVEMSU4MCVEMCVCRSVEMCVCMSVEMCVCQiVEMCVCNSVEMCVCQyVEMSU4QiUyQyUyMCVEMSU4MiVEMCVCRSUyMCVEMCVCRCVEMCVCMCVEMCVCQyUyMCVEMCVCRSVEMCVCRCVEMCVCOCUyMCVEMCVCMSVEMSU4MyVEMCVCNCVEMSU4MyVEMSU4MiUyMCVEMCVCRSVEMSU4MiVEMCVCRSVEMCVCMSVEMSU4MCVEMCVCMCVEMCVCNiVEMCVCNSVEMCVCRCVEMSU4Qg==

В моем случае KCM нашел проблемы с записями SPN, для исправления в столбце Action нажимаем Fix по каждой проблеме:

После устранения всех проблем, выявленных в KCM, повторно запускаем инструмент, подключаемся и проверяем. Если нет ошибок, то будет такая картина:

 

ПОНРАВИЛАСЬ ИЛИ ОКАЗАЛАСЬ ПОЛЕЗНОЙ СТАТЬЯ, ПОДДЕРЖИ АВТОРА ДОНАТОМ

Обсуждение

0 комментариев

Нет комментариев.

Похожие записи