I was trying to find out infamous "Failed to modify SPN" problem. After I debugged my samba I discovered that the problem was related to the fact that a server wanted to add SPNs for MSSQL like this:
But this information was unvailable. I think reporting here has to be better and show the content of the SPN's. There is a lot of people having similiar problems searching in wrong places becouse they don't have this information.
This might solve problems listed in bugs:
BTW.. I'm not sure if the fact that this windows server couldn't create SPN for MSSQL is samba bug, or something else. In windows event log I've found:
The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/Server.xxxx.local:1433 ] for the SQL Server service. Windows return code: 0x5, state: 15. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
I added this SPN by hand and see if that would work, but why server cannot add SPN? Should I file a separate bug report for this one?
in current versions the debug level 0 message tells already what SPN failed to add. Basically this is a dup of bug 9316
*** This bug has been marked as a duplicate of bug 9316 ***