I am seeing event ID 11 in event viewer for many servers (all sql servers) – windows 2003 Domain
There are multiple accounts with name MSSQLSvc/bq_sqlsrv.uk.corp.company.net:1433 of type DS_SERVICE_PRINCIPAL_NAME.
There are multiple accounts with name MSSQLSvc/dk_sqlsrv.uk.corp.company.net:1433 of type DS_SERVICE_PRINCIPAL_NAME.
There are multiple accounts with name MSSQLSvc/om_sqlsrv.uk.corp.company.net:1433 of type DS_SERVICE_PRINCIPAL_NAME.
So i had a read of this bloghttp://blog.joeware.net/2008/07/17/1407/ and ran his adfind tool which gives the below results.
C:\AdFind>adfind -sc c:bq_sqlsrv
AdFind V01.46.00cpp Joe Richards (joe@joeware.net) March 2012
Using server: CORPPL-AD02.corp.company.net:3268
Directory: Windows Server 2003
dn:CN=BQ_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,DC=company,DC=
net
>objectClass: top
>objectClass: person
>objectClass: organizationalPerson
>objectClass: user
>objectClass: computer
>cn: BQ_SQLSRV
>distinguishedName: CN=BQ_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,D
C=company,DC=net
>instanceType: 0
>whenCreated: 20040929141155.0Z
>whenChanged: 20120802201548.0Z
>displayName: BQ_SQLSRV$
>uSNCreated: 51099
>uSNChanged: 33966792
>name: BQ_SQLSRV
>objectGUID: {5A8EE7D2-32CD-4D60-B172-41B8CDABC96E}
>userAccountControl: 4096
>pwdLastSet: 129875983252290738
>primaryGroupID: 515
>objectSid: S-1-5-21-3484230728-397263411-2833629501-76113
>sAMAccountName: BQ_SQLSRV$
>sAMAccountType: 805306369
>dNSHostName: bq_sqlsrv.uk.corp.company.net
>servicePrincipalName: HOST/BQ_SQLSRV
>servicePrincipalName: HOST/bq_sqlsrv.uk.corp.company.net
>objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=net
>lastLogonTimestamp: 129884116473501859
--------------------------------------------------------------------------------------------------------------------------------------
Using server: CORPPL-AD02.corp.company.net:3268
Directory: Windows Server 2003
dn:CN=DK_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,DC=company,DC=
net
>objectClass: top
>objectClass: person
>objectClass: organizationalPerson
>objectClass: user
>objectClass: computer
>cn: DK_SQLSRV
>distinguishedName: CN=DK_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,D
C=company,DC=net
>instanceType: 0
>whenCreated: 20110104131322.0Z
>whenChanged: 20120805003536.0Z
>displayName: DK_SQLSRV$
>uSNCreated: 19016744
>uSNChanged: 34016653
>name: DK_SQLSRV
>objectGUID: {DDC551AB-F3F3-4BA9-BF8F-B1C169B6D670}
>userAccountControl: 4096
>pwdLastSet: 129886005142941672
>primaryGroupID: 515
>objectSid: S-1-5-21-3484230728-397263411-2833629501-144616
>sAMAccountName: DK_SQLSRV$
>sAMAccountType: 805306369
>dNSHostName: DK_SQLSRV.uk.corp.company.net
>servicePrincipalName: MSSQLSvc/DK_SQLSRV.uk.corp.company.net:1433
>servicePrincipalName: HOST/DK_SQLSRV.uk.corp.company.net
>servicePrincipalName: HOST/DK_SQLSRV
>objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=net
>dSCorePropagationData: 20120717092325.0Z
>dSCorePropagationData: 20120717092325.0Z
>dSCorePropagationData: 20120717092325.0Z
>dSCorePropagationData: 20120116132841.0Z
>dSCorePropagationData: 16010721193529.0Z
>lastLogonTimestamp: 129879221365397394
--------------------------------------------------------------------------------------------------------------------------
C:\AdFind>adfind -sc c:om_sqlsrv
AdFind V01.46.00cpp Joe Richards (joe@joeware.net) March 2012
Using server: CORPPL-AD02.corp.company.net:3268
Directory: Windows Server 2003
dn:CN=OM_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,DC=company,DC=
net
>objectClass: top
>objectClass: person
>objectClass: organizationalPerson
>objectClass: user
>objectClass: computer
>cn: OM_SQLSRV
>distinguishedName: CN=OM_SQLSRV,OU=SQL Servers,OU=DB Management,DC=uk,DC=corp,D
C=company,DC=net
>instanceType: 0
>whenCreated: 20120508133504.0Z
>whenChanged: 20120730083024.0Z
>displayName: OM_SQLSRV$
>uSNCreated: 31819155
>uSNChanged: 33884157
>name: OM_SQLSRV
>objectGUID: {A9DD88A8-832F-4E03-96BC-6A7A650859C3}
>userAccountControl: 4096
>pwdLastSet: 129862424766223764
>primaryGroupID: 515
>objectSid: S-1-5-21-3484230728-397263411-2833629501-142265
>sAMAccountName: OM_SQLSRV$
>sAMAccountType: 805306369
>dNSHostName: OM_SQLSRV.uk.corp.company.net
>servicePrincipalName: MSSQLSvc/OM_SQLSRV.uk.corp.company.net:1433
>servicePrincipalName: HOST/OM_SQLSRV
>servicePrincipalName: HOST/OM_SQLSRV.uk.corp.company.net
>objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=net
>dSCorePropagationData: 20120508145251.0Z
>dSCorePropagationData: 20120508145251.0Z
>dSCorePropagationData: 20120508145251.0Z
>dSCorePropagationData: 16010108151513.0Z
>lastLogonTimestamp: 129881103046782065
- I have many other sql servers in our estate that produce no errors and just have two SPN's ( HOST\netbious and HOST\fqdn) which i believe are the defaults
- But I am worried about deleting MSSQLSvc/DK_SQLSRV.uk.corp.company.net:1433 because i can’t find any information that says MSSQLSvc will map to HOST
- I can’t find MSSQLSvc/BQ_SQLSRV.uk.corp.company.net:1433
- All 3 servers have sql installed and running.
- I have many other sql servers in our estate that produce no errors and just have two SPN's ( HOST\netbios and HOST\fqdn) which i believe are the defaults
So i am not really sure how to proceed