You will also need to enable Delegation on the Kerberos tab of the that is running the SQL Database Engine. Setspn -A MSSQLSvc/sqlvirtualA.:1433 ĭo that for both instances. Move this to the same organisational unit as your serverN1 and serverN2 AD Computer accounts. When it does, a new AD Computer account will be created in your CN=Computers folder. This will require an cluster group outage to take effect. To enable Kerberos in a cluster, you will need to enable "Register in DNS" and "Enable Kerberos" in your Network Name resource for each cluster group. It is better to create your SPNs manually anyway. Because you are running your services under an AD account, it won't have the required privileges to create SPNs by default. What idoes MS say for such cinfiguration? and des it a sound proof or suggested seting which can be implemnedted on critical Prod env?Īre you\anone aware about such setting already implement on any env and how its working?Īgain. app uses dns alias to connect to SQL instances and have no issues as well.ĭns alias - sql-db1.fqdn mapped to sqlvirtualAĭns alias - sql-db2.fqdn mapped to sqlvirtualB also connection from app server\clinet have no issue using below connection string. SQL instance is coming up properly & and I can make connection both the instances remotely using similar port using query analyser. "select auth_scheme from sys.dm_exec_connections where session_id=111"
I queried below statement and result is "NTLM" Further action is only required if Kerberos authentication is required by authentication policies."īased on this error message NTLM authentication scheme is used once kerberos failed. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. "The SQL Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. I got the error message for SPM/kerberos authentication as you mentioned in your reply too.
#Multiple idatabase instances windsor registration code#
Old sql2k instance were using 1433 node & to avoid code changes at app side to SQL to listen same port for both instances running on cluster.ġst instance name - sqlvirtualA\instance1 - Port 1433,1434Ģst instance name - sqlvirtualB\instance2 - Port 1433,1435 and to balance the node separating the db across two instance (active\active mode) running on same cluster nodes. I am migrating db sql2k ->sql2k5 where sql2k5 is running on 2 node cluster.
0 kommentar(er)
