• Management Pack:  SCOM 2016
  • MP Version:  1.0
  • Released:  10/19/2018
  • Publisher:  Microsoft

(Deprecated) Data Access Service SPN Registration Rule

  • ID:  Microsoft.SystemCenter.2007.SdkSpnRegistration
  • Description:  Rule to alert if a service principal name (SPN) for the account running the System Center Data Access service isn't registered.
  • Target:  Collection Server
  • Enabled:  No

Overridable Parameters

Parameter Name Default Value Description Override
Priority 2  
Severity 2  

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
(Deprecated) Data Access Service SPN Not Registered High Critical

Rule Knowledgebase

Summary

The service principal name (SPN) for the "System Center Data Access" service may have failed to register. The "System Center Data Access" service must register SPNs for the Operations console and other SDK clients to authenticate using Kerberos.

Causes

In most cases this is due to the "System Center Data Access" service not having the necessary permissions to perform the SPN registration within Active Directory.

Resolutions

Check the existing SPN registrations by running the following command:

  • Setspn.exe -L <MS NetBIOS Name>

If the SPNs are registered correctly, you should see the following results:

  • MSOMSdkSvc/<MS NetBIOS Name>

  • MSOMSdkSvc/<MS FQDN>

If the SPNs are not correctly registered, register them manually by running the following commands, using an account with domain administrator rights:

  • Setspn.exe -A MSOMSdkSvc/<MS NetBIOS Name> <MS NetBIOS Name>

  • Setspn.exe -A MSOMSdkSvc/<MS FQDN> <MS NetBIOS Name>

External References
This rule does not contain any external references.

See Also for SCOM 2016 Management Pack


Downloads for SCOM 2016 Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED