0

For past few months, we are getting these kind of alert in SCOM stating SQL Server cannot authenticate using Kerberos. One thing to note here is that this alert is coming from only one server not other server which were built at the same time.

Also I ran this query as per suggested by MS:

select auth_scheme from sys.dm_exec_connections where session_id=@@spid

The result is NTLM.

Still I don't get why kerberos alert is coming only for this server. My question here is when does SCOM generates this kind of alert? By searching this forum, I have found various resolutions but wasn't able to find as to why SCOM is generating this. Is there some event that triggers this?

We are using SCOM 2012 R2 and SQL MP 6.4.1.0

masegaloeh
  • 17,978
  • 9
  • 56
  • 104
user2068804
  • 1

1 Answers1

0

In my personal experience this is usually caused by problems with SPN (server principal name) registration on the SQL Server. Microsoft has a free tool called "Kerberos Configuration Manager" (available for download here) If the tool fails to fix an issue, you may need to register SPN manually. But in some AD configurations the problems could not be fixed with unclear reasons. Such as when you have multi-level domain structure with aliases (disclaimer: I am not myself a sysadmin and do not manage AD; our sysadmin could not get SPN to register correctly).

vaso
  • 103
  • 1
  • 6