brain/03 Bereiche/SAP/SQL-Server und KERBEROS Service Principal Name (SPN).md

---
tags:
  - upnote-import
---

# SQL-Server und KERBEROS Service Principal Name (SPN)

[Setting Up Kerberos Authentication for SQL Server: A Complete Guide from Scratch](https://www.youtube.com/embed/rLGvzMi74Jc?feature=oembed "Setting Up Kerberos Authentication for SQL Server: A Complete Guide from Scratch")

[SQL Server - Could not register the Service Principal Name - Alexandre VIOT](https://www.alexandreviot.net/2014/09/30/sql-server-could-not-register-the-service-principal-name-spn/)  

[Questions About Kerberos and SQL Server That You Were Too Shy to Ask - Simple Talk](https://www.red-gate.com/simple-talk/databases/sql-server/database-administration-sql-server/questions-about-kerberos-and-sql-server-that-you-were-too-shy-to-ask/)  

  

## Umsetzung für DocuWare

für lokale Konten wird anstelle des AD-Konto der lokale Maschinenname verwendet. Daher zum Löschen „internal\\KRA-DW-SQL“ verwenden.

Zur Neuanlage des SPNs wird dann das Dienstkonto  „internal\\docuwaresrv“ verwendet.

```
Setspn -D MSSQLSvc/KRA-DW-SQL.internal.lan:1433 internal\KRA-DW-SQL
Setspn -D MSSQLSvc/KRA-DW-SQL.internal.lan internal\KRA-DW-SQL
		
Setspn -S MSSQLSvc/KRA-DW-SQL.internal.lan internal\docuwaresrv
Setspn -S MSSQLSvc/KRA-DW-SQL.internal.lan:Inst1 internal\docuwaresrv
Setspn -S MSSQLSvc/KRA-DW-SQL.internal.lan:1433 internal\docuwaresrv
```

Kontrolle:

```
SELECT auth_scheme FROM sys.dm_exec_connections -- WHERE session_id = @@spid;

sp_readerrorlog 0 , 1 , spn
```

![](..\..\..\files\47ba4ee0-b992-40f9-ae45-610ca396911d.png)<br>