Thursday, January 22, 2015

The target principal name is incorrect. Cannot generate SSPI context.

I was recently setting up a SQL Server 2014 AlwaysOn Availability Group when I got the following error message while attempting to add a Replica for the Availability Group via SSMS (SQL Server Management Studio) with Windows Authentication:






Interestingly enough, I could log into the SQL Server just fine using SQL Server Authentication, but the authentication was failing while using Windows Authentication.  Of course, for a SQL Server AlwaysOn Availability Group, I needed to use Windows Authentication, otherwise it wouldn't work!

Therefore, I did some research and it seemed that most of the issues regarding this issue dealt with problems regarding the domain.

I remembered that I had joined this particular server to the domain without first removing it from the domain.  From prior experiences, I remembered that this can cause problems if I re-join a computer to the domain with the same exact name. 

Therefore, I decided to do the following:


  1. Leave the domain by joining a workgroup and rebooting the server
  2. Deleting the computer object and all of its children (deleting the subtree) in Active Directory
  3. Re-joining the server to the domain
Once I did that, I was able to successfully log into my other SQL Server using Windows Authentication to add it as a replica for my Availability Group!
Posted by at
Labels: ,

1 comment:

  1. deborahmattewsApril 28, 2025 at 2:41 AM

    This error typically occurs when there's an issue with the Kerberos authentication between dedicated server the client and the server. To resolve, check DNS settings, ensure the correct service principal name (SPN) is set, and verify the time synchronization between the client and server.




    ReplyDelete

Subscribe to: Post Comments (Atom)