Monday, July 13, 2009

Event ID 5586, Cannot generate SSPI context

You get "Cannot connect to Configuration database" while accessing Central Administration or any SharePoint sites.

In Event Viewer we get the below error on the SharePoint server.

Event Type: ErrorEvent Source: Windows SharePoint Services 3Event Category:
Database Event ID: 5586
Date: 7/13/2009
Time: 12:36:31 AM
User: N/A
Computer: COMPUTERNAME
Description:Unknown SQL Exception 0 occured. Additional error information from SQL Server is included below. Cannot generate SSPI context.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

While trying to connect using connect.udl file, it gives the same error "Cannot generate SSPI Context"

On the SQL 2005 Server we get the below error.

Event Type: Error
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 17836
Date: 6/25/2009
Time: 11:51:45 PM
User: N/A
Computer: COMPUTERNAME
Description:
Length specified in network packet payload did not match number of bytes read; the connection has been closed. Please contact the vendor of the client library. [CLIENT:IP of SP Server]


Quick Resolution:- Reboot the SQL Server 2005

Error Troubleshooting:-
How to troubleshoot the "Cannot generate SSPI context" error message
http://support.microsoft.com/kb/811889

This is related to some SPN configurations gone incorrect on the SQL server.

Resolution:-
Logon to the server using Domain Admin rights.
Download Setspn.exe from Microsoft site to set the SPN's for the SQL server.

At command prompt go to the location where setspn.exe was installed.
C:\Program files\support tools>setspn -L MyDomain\MyUserName
Registered ServicePrincipleNames for CN=MyUserName Service Account, OU=Service Accounts, DC=MyDomain,DC=com: mssqlsvc/MyServer1.MyDomain.com:MyPort mssqlsvc/MyServer2.MyDomain.com:MyPort mssqlsvc/MyServer3.MyDomain.com:MyPort

If you are getting the error (Cannot generate SSPI context), you will not find the SQL server name in the list displayed by the command.

To Register your SQL server type the following command.
setspn -A MSSQLSvc/MyServer.MyDomain.com:1433 MyAccount

Note:- MyServer will be the SQL server name to which you are not able to connect.

Again run the setspn -L MyDomain\MyUserName command, you should find your SQL servers FQDN registered.

2 comments:

Anonymous said...

Thanks a lot, it was very helpfull!!!!.

Anonymous said...

SharePoint 2010, SQL Server 2008 R2, experienced this issue and this solution solved my problem.

Thanks