Bug 10421 - Insufficiently verbose message at /source4/rpc_server/drsuapi/writespn.c:237
Insufficiently verbose message at /source4/rpc_server/drsuapi/writespn.c:237
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
unspecified
All All
: P5 normal
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
:
Depends on: 9316
Blocks:
  Show dependency treegraph
 
Reported: 2014-02-05 23:19 UTC by Michał Mosiewicz
Modified: 2016-10-13 08:51 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michał Mosiewicz 2014-02-05 23:19:13 UTC
Hi,

I was trying to find out infamous "Failed to modify SPN" problem. After I debugged my samba I discovered that the problem was related to the fact that a server wanted to add SPNs for MSSQL like this:


MSSQLSvc/Server.xxxx.local
MSSQLSvc/Server.xxxx.local:1433

But this information was unvailable. I think reporting here has to be better and show the content of the SPN's. There is a lot of people having similiar problems searching in wrong places becouse they don't have this information.

This  might solve problems listed in bugs:
#10080, #9313
Comment 1 Michał Mosiewicz 2014-02-05 23:42:30 UTC
BTW.. I'm not sure if the fact that this windows server couldn't create SPN for MSSQL is samba bug, or something else. In windows event log I've found:

The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/Server.xxxx.local:1433 ] for the SQL Server service. Windows return code: 0x5, state: 15. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.

I added this SPN by hand and see if that would work, but why server cannot add SPN? Should I file a separate bug report for this one?