October 8, 2018 at 4:29 am
Perry Whittle - Friday, October 5, 2018 5:22 AMNo, they must use the same account, this is detailed in the pre reqs and restrictions for AGs
Agreed. A group Managed Service Account is good for this.
If you want an availability group to work with Kerberos:
All server instances that host an availability replica for the availability group must use the same SQL Server service account.
The domain administrator needs to manually register a Service Principal Name (SPN) with Active Directory on the SQL Server service account for the virtual network name (VNN) of the availability group listener. If the SPN is registered on an account other than the SQL Server service account, authentication will fail.
October 10, 2018 at 7:59 am
Ok my two node respond to kerberos authentification but virtualIp (VNN) cluster respond with NTLM , it's normal or i must do spn for the cluster virtual IP
October 10, 2018 at 11:13 am
Ok I set spn to VNN but the CNN goes always to ntlm no kerberos
Viewing 3 posts - 16 through 17 (of 17 total)
You must be logged in to reply to this topic. Login to reply