the target principal name is incorrect SQL

Question

the target principal name is incorrect SQL

Ahmad MUNIR 1

We have configured our organization's Windows 2022 Domain Controller and have been attempting to run windows updates which are mentioned below.

However, we have encountered a Kerberos authentication issue that has prevented the authentication of the users and MS SQL, as mentioned below.

SQL Server 2019 version sp1

Seeya Xi-MSFT 16,676 Reputation points

2023-01-11T07:18:37.02+00:00

Hi Ahmad MUNIR,

We have not received a response from you. Did the reply could help you? If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. By doing so, it will benefit all community members who are having this similar issue. Your contribution is highly appreciated.

Best regards,

Seeya

3 answers

Your answer

Seeya Xi-MSFT 16,676 Reputation points

2023-01-11T07:18:37.02+00:00

Hi Ahmad MUNIR,

We have not received a response from you. Did the reply could help you? If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. By doing so, it will benefit all community members who are having this similar issue. Your contribution is highly appreciated.

Best regards,

Seeya

Answer 1

Seeya Xi-MSFT 16,676

Hi @Ahmad MUNIR ,

This error means that SSPI tries but can't use Kerberos authentication to delegate client credentials through TCP/IP or Named Pipes to SQL Server. In most cases, a misconfigured Service Principal Name (SPN) causes this error.
For more information, please refer to this document: "Cannot generate SSPI context" error when using Windows authentication to connect SQL Server.

If you run the SQL Server service under a domain account or under a local account, the attempt to create the SPN will fail in most cases because the domain account and the local account do not have the right to set their own SPNs.

Please see this thread, AmeliaGu replied with a very complete answer which contains many links you can refer to. Also, Kerberos Configuration manager is an official tool to help you troubleshoot SPN and delegation issues.

Best regards,
Seeya

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Ahmad MUNIR 1 Reputation point

2023-01-09T07:46:58.357+00:00

Thanks for the help we have already tried on the said fix it does not help us.
Seeya Xi-MSFT 16,676 Reputation points

2023-01-09T08:48:03.013+00:00

Did you check the success of your SPN registration? Are there any duplicate SPNs or are there any errors reported in the above process? You can also check the Errorlog for relevant error messages.
Seeya Xi-MSFT 16,676 Reputation points

2023-01-10T09:40:51.427+00:00

Hi @Ahmad MUNIR ,

We have not received a response from you. Have you solved your problem yet? If not, please FEEL FREE to tell us the latest progress.

Best regards, Seeya

Answer 2

Olaf Helper 47,586

Use the tool Microsoft® Kerberos Configuration Manager for SQL Server® to fix the issue.

Answer 3

Thameur-BOURBITA 36,491 Moderator

Hi,

You shoud start by checking if the required SPN for SQL service is well configured.
Check if the AES encryption of kerberos authentication is already configured on SQL service account and computer object of SQL server.
AES encryption
service-principal-name-spn-support-in-client-connections

Please don't forget to mark helpful reply as answer

Ahmad MUNIR 1 Reputation point

2023-01-09T07:45:44.58+00:00

Thanks for the help it does not help us at all.

Share via

the target principal name is incorrect SQL

3 answers

Your answer