locked
connection failed cannot generate SSPI context RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    I have 2 servers. On one server i install sql server 2014 and its working fine, i am able to get connected with sql with domain account.

    from second machine i want to connect my sql server, for that i create udl file when i give sql server address and click refresh getting following error:

    connection failed cannot generate SSPI context

    Firewall is off, created fire rule too, i am able to get ping first machine by ip and servername but still getting issue. please guide what could be an issue and how to fix it.

    thx

    iffi

    Monday, October 26, 2015 12:22 PM

Answers

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    Please read the following resources:

    https://support.microsoft.com/en-us/kb/811889

    http://blogs.msdn.com/b/sql_protocols/archive/2007/01/02/cannot-generate-sspi-context-error-message-poisoned-dns.aspx

    http://www.sqldbadiaries.com/2011/09/05/how-the-cannot-generate-sspi-context-error-was-fixed/



    Hope this helps.



    Regards,

    Alberto Morillo
    SQLCoffee.com

    • Proposed as answer by Charlie Liao Wednesday, November 4, 2015 7:55 AM
    • Marked as answer by Charlie Liao Monday, November 9, 2015 7:14 AM
    Monday, October 26, 2015 1:21 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    This error can occur due to machine being unable to see a Domain controller. Validate one is present and contactable from your machine before pursuing more complex explanations.

    Regards,
    Mark Broadbent.
    Microsoft Certified Master
    Contact me through twitter | blog | sqlcloud

    Please click "Propose as answer" if a post solves your problem
    or/and vote the post up if it's been helpful.

    Monday, October 26, 2015 9:29 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi There,

    what is installed on the second server. is it SQL 2014 or higher.

    If it is lower version of SSMS then you can not connect.

    first make sure both servers are in the network and able to resolve each other.

    -------------------------------------------------------------------

    When the command ping -a <var class="sbody-var">IPAddress</var> resolves to the correct fully qualified DNS of the computer that is running SQL Server, the client-side resolution is also successful.
    SQL Server Service Principal Name creation
    This is one of the important parts of Kerberos authentication and SQL Server interaction. With SQL Server, you can run the SQL Server service under one of the following: a LocalSystem account, a local user account, or a domain user account. When the SQL Server service instance starts, it tries to register its own SPN in Active Directory by using the DsWriteAccountSpn API call. If the call is not successful, the following warning is   logged in Event Viewer:

    Source: MSSQLServer EventID: 19011   Description: SuperSocket info: (SpnRegister) : Error 8344.

    -------------------------------

    for more information read this link

    https://support.microsoft.com/en-us/kb/811889

    thanks

    kumar

    Tuesday, October 27, 2015 5:45 AM