How to give a user account rights to register its own Service Principal Name (SPN)

I recently had a SQL server where the SQL instance had a different name than the hostname. Not having rights to connect to SQL, I wasn’t aware of that. So, I registered the SPNs as they should have been registered, and it was still falling back to NTLM (see: failing).

SQL Server will register its [...]

December 30th, 2009 | Tags: , , , , | Category: Active Directory, SQL Server | Leave a comment

How to configure AD, SQL, and IIS for two-hop Kerberos authentication

Recently, some of our developers were writing an app that required impersonation from the web service, as the user, to the database. Admittedly, Kerberos isn’t one of my strong points.

There were two hops here. From the user -> IIS server and from IIS Server -> SQL Server, but the application in IIS would impersonate the [...]

October 24th, 2009 | Tags: , , , , , , | Category: Active Directory, IIS7, Microsoft, SQL Server, Server Management, Windows Server 2008 | One comment

System Center Operations Manager 2007 and BizTalk 2006 SQL Server Warning

Well, finally a post after the chaos that was the holidays. I was on vacation for 12 days and accomplished…nothing. Except for a lot of Counterstrike. And Team Fortress 2.

If you’re running SCOM 2007 and BizTalk 2006 (and have the SQL agent jobs properly configured) you may notice a warning in SCOM that says there [...]

January 2nd, 2008 | Tags: , | Category: SQL Server | Leave a comment

Moving Microsoft BizTalk Server 2006 Databases to a new SQL Server

So, for whatever reason you need to move your BizTalk databases from one SQL server to another. In my case, I was moving from a hostname to a CNAME, for DR purposes (failover server is in another DC, and not clustered).

In the event of a disaster, we could just fail over to the other database [...]

September 6th, 2007 | Tags: , , | Category: SQL Server | 6 comments