SQL Server default instance was not accessible from remote servers for the domain logins (accessible for SQL Accounts) but accessible from the local server for domain accounts.
Note: TCP/IP port is changed from default port.
Error message with the SQL Server error log:
The SQL Server Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. Error: 0x2098, state: 15. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies.
Check the SQL Server Service Account has the same password as the one when the SQL Server Service was started. If the check fails; then you might need to restart the SQL Server Service with the correct/current password.
In our case: the SQL Server service & SQL Agent service accounts were interchanged.
Fix: Re-configured/swapped the Service accounts to designated domain accounts (which had a bounce to SQL Server services) has fixed the database access issue from remote servers.
No comments:
Post a Comment