Installing SQL Server 2005 is not creating the SPNs

After installing SQL Server 2005 x64 as Administrator in Windows Server 2003, I run setspn -L serviceaccountname and the install is only creating 1 entry on the domain controller (Windows Server 2003 x86). It should create multiple from what I understand. I also know that I can create these manually but I shouldn't have to and this is telling me that something is wrong. Any ideas?
Chris24Asked:
Who is Participating?
 
PberConnect With a Mentor Solutions ArchitectCommented:
Also I found that is usually only registers the FQDN SPN.  You can also manually add  the NetBIOS SPN as needed as per the second link above.

FQDN:
setspn -A MSSQLSvc/myserver.microsoft.com:1433 MYDOMAIN\sqlsvc
NetBIOS
setspn -A MSSQLSvc/myserver:1433 MYDOMAIN\sqlsvc

If SQL is running under the local system it should register it's own SPN's.  In this case for Constrained Delegation, you would then delegate the computer account to a remote service as opposed to delegating the service account as you would do if it would be running under a domain account.
0
 
PberSolutions ArchitectCommented:
Is the sql server running under a domain account?  If so do this:
http://support.microsoft.com/kb/319723
...specifically: Step 3: Configure the SQL Server service to create SPNs dynamically

This too:
http://msdn2.microsoft.com/en-us/library/aa905162(sql.80).aspx
0
 
Chris24Author Commented:
I wiped and rebuilt my domain controller, setup my domain, joined the SQL server to the domain, trusted that server for delegation, ran the SQL Server 2005 x64 install installing ALL options Analysis, Reporting, etc... and it created ONE SPN on my DC. I ran and installed a new instance and it created just ONE additional SPN for that instance. My DB guy here says there should be more than the one??? Is this correct? It obviously has permission to create if it created one. Should there be more than one SPN per instance? Each SPN is pointing to the correct port number

Server 1: SQL Server 2005 - Windows 2003 R2 x64 - Dell PowerEdge 2900
Domain Controller: Windows 2003 R2 x86

We've been going round and round with this for two weeks now.

Thanks,
Chris
0
 
PberSolutions ArchitectCommented:
Are you running SQL under a domain service account or local system?
What rights does the SQL service account have?  (Normal user, domain admin).

From my experience, SQL will only create one FQDN SPN for each instance even if you allow dynamic SPN registration (as per my previous post)
i.e.
MSSQLSvc/SQLServer.domain.com:1433

Are you just trying to setup Kerberos double hop Authentication?
0
All Courses

From novice to tech pro — start learning today.