BizTalk: Service Principal Name (SPN) List

BizTalk is a "client" while SQL is the "server". In some situations, an extra hop is added, like a SharePoint server. In a double-hop scenario, Service Principal Names (SPN) are used by Active Directory to authenticate a service. In this BizTalk-SQL Server-SharePoint Server scenario, the SQL Server Service account needs an SPN.

Create the following SPNs for the SQL Server Service account using the Default Instance:

NETBios	setspn -a mssqlsvc/SQLServerComputerName Domain\SQLServerServiceAccount
NETBios:port	setspn -a mssqlsvc/SQLServerComputerName:1433 Domain\SQLServerServiceAccount
FQDN	setspn -a mssqlsvc/SQLServerComputerName.domain.com Domain\SQLServerServiceAccount
FQDN:port	setspn -a mssqlsvc/SQLServerComputerName.domain.com:1433 Domain\SQLServerServiceAccount

Create the following SPNs for the SQL Server Service account using the Named Instance. In the following example, Port 1435 is the Named Instance Port:

NETBios	setspn -a mssqlsvc/SQLServerComputerName:NamedInstance Domain\SQLServerServiceAccount
NETBios:port	setspn -a mssqlsvc/SQLServerComputerName:NamedInstance:1435 Domain\SQLServerServiceAccount
FQDN	setspn -a mssqlsvc/SQLServerComputerName.domain.com:NamedInstance Domain\SQLServerServiceAccount
FQDN:port	setspn -a mssqlsvc/SQLServerComputerName.domain.com: NamedInstance:1435 Domain\SQLServerServiceAccount

If using SQL Server clustered instances, create the following SPNs for the SQL Server cluster virtual name using the Default Instance:

NETBios	setspn -a mssqlsvc/ClusterVirtualName Domain\SQLServerClusterInstanceAccount
NETBios:port	setspn -a mssqlsvc/ClusterVirtualName:1433 Domain\SQLServerClusterInstanceAccount
FQDN	setspn -a mssqlsvc/ClusterVirtualName.domain.com Domain\SQLServerClusterInstanceAccount
FQDN:port	setspn -a mssqlsvc/ClusterVirtualName.domain.com:1433 Domain\SQLServerClusterInstanceAccount

If using SQL Server clustered instances, create the following SPNs for the SQL Server cluster virtual name using the Named Instance. In the following example, Port 1435 is the Named Instance Port:

NETBios	setspn -a mssqlsvc/ClusterVirtualName:NamedInstance Domain\SQLServerClusterInstanceAccount
NETBios:port	setspn -a mssqlsvc/ClusterVirtualName:NamedInstance:1435 Domain\SQLServerClusterInstanceAccount
FQDN	setspn -a mssqlsvc/ClusterVirtualName.domain.com:NamedInstance Domain\SQLServerClusterInstanceAccount
FQDN:port	setspn -a mssqlsvc/ClusterVirtualName.domain.com: :NamedInstance:1435 Domain\SQLServerClusterInstanceAccount