Resources For IT Professionals

United States (English) Drop down arrow

Drop down arrow

Россия (Pусский)中国（简体中文）Brasil (Português)

Post an article

Wikis - Page Details

First published by Tim Macaulay (bMicrosof)
When: 16 Jul 2013 12:58 PM
Last revision by dplotnikov - mvp (cMV)
When: 23 Jul 2013 12:44 AM
Revisions: 3
Comments: 0

Options

Subscribe to Article (RSS)

Can You Improve This Article?

Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.

[Troubleshooting] Cannot generate SSPI Context

[Troubleshooting] Cannot generate SSPI Context

Table of Contents

Problem Statement
Cause
Troubleshooting Action
Resolution

Problem Statement

The FIM Service fails to start. Review of the Application Event Log, we see an Event ID 0. The key is the text within the message "Cannot generate SSPI context".

Cause

This is an indication that there is a Kerberos problem. Specifically with connecting to SQL Server. Here is a great Microsoft Knowledge Base Article that speaks on SSPI.

How to troubleshoot the "Cannot generate SSPI context" error message

http://support.microsoft.com/kb/811889

Troubleshooting Action

Checked the SQL Server service to see what account was running the SQL Server
In this case it was the Local System Account
Reviewed the machine account in Active Directory that is hosting SQL Server and found that we were missing the SQL Server SPNs.

Resolution

Added the correct SQL Server SPNs

FIM, FIM 2010, FIM Resources, FIM TROUBLESHOOTING ARTICLES, FIM-HELP, FIM-HELP CANNOT GENERATE SSPI CONTEXT, FIM-HELP SSPR 3000, FIM-HELP TROUBLESHOOTING, FIM-HELP TROUBLESHOOTING SSPR, Has TOC, MIISILMFIM MACAULAY [Edit tags]

Leave a Comment

Please add 7 and 4 and type the answer here:
Post

Wiki - Revision Comment List(Revision Comment)

Wikis - Comment List