BizTalk: Service Principal Name (SPN) List
BizTalk acts as the "client" while SQL Server acts as the "server". In some situations, an extra hop is added, such as a SharePoint server. In a double-hop scenario, Active Directory uses Service Principal Names (SPNs) to authenticate a service. In this BizTalk-SQL Server-SharePoint Server scenario, the SQL Server Service account needs an SPN.
Create the following SPNs for the SQL Server Service account using the Default Instance:
| SPN format | Command |
|---|---|
| NetBIOS | `setspn -a mssqlsvc/SQLServerComputerName Domain\SQLServerServiceAccount` |
| NetBIOS:port | `setspn -a mssqlsvc/SQLServerComputerName:1433 Domain\SQLServerServiceAccount` |
| FQDN | `setspn -a mssqlsvc/SQLServerComputerName.domain.com Domain\SQLServerServiceAccount` |
| FQDN:port | `setspn -a mssqlsvc/SQLServerComputerName.domain.com:1433 Domain\SQLServerServiceAccount` |
Create the following SPNs for the SQL Server Service account using the Named Instance. In the following example, Port 1435 is the Named Instance Port:
| SPN format | Command |
|---|---|
| NetBIOS | `setspn -a mssqlsvc/SQLServerComputerName:NamedInstance Domain\SQLServerServiceAccount` |
| NetBIOS:port | `setspn -a mssqlsvc/SQLServerComputerName:NamedInstance:1435 Domain\SQLServerServiceAccount` |
| FQDN | `setspn -a mssqlsvc/SQLServerComputerName.domain.com:NamedInstance Domain\SQLServerServiceAccount` |
| FQDN:port | `setspn -a mssqlsvc/SQLServerComputerName.domain.com:NamedInstance:1435 Domain\SQLServerServiceAccount` |
If using SQL Server clustered instances, create the following SPNs for the SQL Server cluster virtual name using the Default Instance:
| SPN format | Command |
|---|---|
| NetBIOS | `setspn -a mssqlsvc/ClusterVirtualName Domain\SQLServerClusterInstanceAccount` |
| NetBIOS:port | `setspn -a mssqlsvc/ClusterVirtualName:1433 Domain\SQLServerClusterInstanceAccount` |
| FQDN | `setspn -a mssqlsvc/ClusterVirtualName.domain.com Domain\SQLServerClusterInstanceAccount` |
| FQDN:port | `setspn -a mssqlsvc/ClusterVirtualName.domain.com:1433 Domain\SQLServerClusterInstanceAccount` |
If using SQL Server clustered instances, create the following SPNs for the SQL Server cluster virtual name using the Named Instance. In the following example, Port 1435 is the Named Instance Port:
| SPN format | Command |
|---|---|
| NetBIOS | `setspn -a mssqlsvc/ClusterVirtualName:NamedInstance Domain\SQLServerClusterInstanceAccount` |
| NetBIOS:port | `setspn -a mssqlsvc/ClusterVirtualName:NamedInstance:1435 Domain\SQLServerClusterInstanceAccount` |
| FQDN | `setspn -a mssqlsvc/ClusterVirtualName.domain.com:NamedInstance Domain\SQLServerClusterInstanceAccount` |
| FQDN:port | `setspn -a mssqlsvc/ClusterVirtualName.domain.com:NamedInstance:1435 Domain\SQLServerClusterInstanceAccount` |
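To confirm that the registrations took effect, the following PowerShell audit (an added example, not part of the original article) builds the four default-instance SPN forms listed on this page and looks each one up in Active Directory, flagging any that are missing, held by more than one account, or held by a different account. The variable values are the page's placeholders and the function names are hypothetical; the lookup covers the current domain only.

```powershell
# Added example: audit the default-instance mssqlsvc SPNs listed on this page.
# All values are the page's placeholders; replace them with real names.
$HostName      = 'SQLServerComputerName'     # NetBIOS name (or ClusterVirtualName)
$DnsSuffix     = 'domain.com'
$Port          = 1433
$ExpectedOwner = 'SQLServerServiceAccount'   # sAMAccountName, without the Domain\ prefix

# Hypothetical helper: the four forms NetBIOS, NetBIOS:port, FQDN, FQDN:port.
function Get-ExpectedSqlSpn {
    param([string]$HostName, [string]$DnsSuffix, [int]$Port)
    $fqdn = "$HostName.$DnsSuffix"
    "mssqlsvc/$HostName"
    "mssqlsvc/${HostName}:$Port"
    "mssqlsvc/$fqdn"
    "mssqlsvc/${fqdn}:$Port"
}

# Hypothetical helper: return every account in the current domain holding the SPN.
function Find-SpnOwner {
    param([string]$Spn)
    $searcher = [adsisearcher]"(servicePrincipalName=$Spn)"
    $searcher.PropertiesToLoad.Add('samaccountname') | Out-Null
    $searcher.FindAll() | ForEach-Object { [string]$_.Properties['samaccountname'][0] }
}

foreach ($spn in Get-ExpectedSqlSpn -HostName $HostName -DnsSuffix $DnsSuffix -Port $Port) {
    $owners = @(Find-SpnOwner -Spn $spn)
    if ($owners.Count -eq 0) {
        $status = 'MISSING'          # SPN was never registered
    } elseif ($owners.Count -gt 1) {
        $status = 'DUPLICATE'        # same SPN on several accounts
    } elseif ($owners[0] -ne $ExpectedOwner) {
        $status = 'WRONG ACCOUNT'    # registered, but not on the service account
    } else {
        $status = 'OK'
    }
    [pscustomobject]@{ SPN = $spn; Status = $status; Owners = ($owners -join ', ') }
}
```

A duplicate SPN causes Kerberos authentication to the service to fail, so any DUPLICATE or WRONG ACCOUNT row should be resolved before testing the double-hop scenario.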
Online Resources:
Register a Service Principal Name for Kerberos Connections
http://msdn.microsoft.com/library/ms191153.aspx
See Also
Another important place to find a huge amount of BizTalk related articles is the TechNet Wiki itself. The best entry point is BizTalk Server Resources on the TechNet Wiki.