SPN
Service Principal Name
The NetLogon service registers the default SPNs for the base operating system and refreshes those every 22 minutes after operating system startup.
setspn
Setspn is a command-line tool that is built into Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows 8.
It is available if you have the Active Directory Domain Services (AD DS) server role installed.
To run it you need to be a Domain Admin or have the Read servicePrincipalName and Write servicePrincipalName rights.
Check
Commands should be run from a Windows Command Prompt or Powershell...
To return a list of the SPNs that myhost has registered with Active Directory...
setspn –l myhost
To return a list of the SPNs that the local computer has registered with Active Directory...
setspn –l hostname
Common entries to see include...
HOST/MYHOST - Any service running on the computer with NetBIOS name MYHOST
HOST/MYHOST.mydomain.com - Any service running on the computer with hostname MYHOST.mydomain.com
TERMSRV/MYHOST.mydomain.com - The Remote Desktop Protocol (RDP) service running on the computer with hostname MYHOST.mydomain.com
MSSQLSvc/MYHOST.mydomain.com:1433– The SQL Server listening on MYHOST.mydomain.com, port 1433
Set
For MS-SQL...
setspn -s MSSQLSvc/MYHOST.mydomain.com:1433 mydomain\myservice
MSSQLSvc is a fixed string identifying this as a SQL Server SPNMYHOST is the fully qualified domain name of the SQL Server1433 is the SQL Server portmydomain\myservice is the domain service account for the SQL Server serviceAn SPN is required for all aliasesYou must restart SQL after setting SPNs