This error indicates that SQL Server was unable to register a Service Principal Name (SPN) in Active Directory. This error occurs when you try to connect to an instance of SQL Server and the Windows account that you are using is not recognized by the server, or the account is on a nontrusted Windows domain.
This error can also occur when the account that starts SQL Server does not have the required permissions to contact the domain to verify the security principal.
Check the account information that you are using to make sure that it is in the domain of the SQL Server and has permissions to connect to that server.
To make sure that the SQL Server has the required permissions to verify network identities, in Control Panel, open Administrative Tools, and then click Local Security Policy. In Local Security Settings, double-click Local Policies, and then double-click User Rights Assignments. Verify that the following rights have been explicitly given to the SQL Server Service account:
Log on as a service
Act as part of the operating system
Back up files and directories
Adjust memory quotas for a process
Increase scheduling priority
Restore files and directories
To enable the Read servicePrincipalName permission and the Write servicePrincipalName permission for the SQL Server account, you can also edit the Access Control Settings permissions of the account in the Active Directory directory service.
|If you use the Active Directory Service Interfaces (ADSI) Edit snap-in, the LDP utility, or any other LDAP version 3 clients, and you incorrectly modify the attributes of Active Directory objects, you can cause serious problems. These problems might require that you reinstall Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Microsoft Exchange 2000 Server, Microsoft Exchange Server 2003, or both Windows and Exchange. We cannot guarantee that problems caused by incorrectly modifying Active Directory object attributes can be solved. Modify these attributes at your own risk.|