I have a two-replica SQL Server Availability Group running on Windows VMs in the Government Cloud. The AG is running on a named instance on port 1436. Active Directory is running in the public cloud. We have been working to get SPNs and delegation set up to allow connectivity to the SQL Server service. We had delegation set up for the IIS service to the MSSQLSvc for the following:
Both servers shortname for port 1436
Both servers FQDN for port 1436
The AG listener shortname for port 1436
The AG listener FQDN for port 1436
The AG listener shortname with no port
The AG listener FQDN with no port
As part of the troubleshooting effort, the AG listener delegation was removed from the IIS service for MSSQLSvc. After removing the listener delegation, we are getting an Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON', which makes sense.
However, when trying to add delegation for the IIS service to MSSQLSvc for the AG listener back, I no longer see the MSSQLSvc as an option. Has anyone seen this in the past, and is there a way to see the MSSQLSvc as a service type when adding the delegation?
January 27, 2023 at 11:25 am
This was removed by the editor as SPAM
The delegation for the IIS service has been dropped and recreated and everything looks good.
January 29, 2023 at 10:09 pm
This was removed by the editor as SPAM
January 31, 2023 at 4:53 am
This was removed by the editor as SPAM
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply