This is my first post here so I do apologize for any formatting issues/inexperience all around.
I have a SQL Server with two instances (a default instance and named instance).
The SQL Server was initially joined to one domain but had later been joined to a new domain.
When I connect to the named instance locally on the SQL Server (MySQLServer\MyInstance), I am able to log in using Windows authentication.
However, when trying to connect to MySQLServer\MyInstance from another server on that domain, I get an error:
The target principal name is incorrect. Cannot generate SSPI context
The Windows account is set up with SPN read/write permissions for the account running the services ("setspn -l newdomain\windowsaccount" (account running SQL services) returns the expected SPN registries for the instances with the FQDN of the new domain). I can log in with SQL Server credentials on the remote server as well.
However, when I try connecting to the named instance using FQDN (i.e., MySQLServer.newdomain.local\MyInstance), it will let me in using Windows authentication. Has anyone seen this before or know what I could do to resolve it?
I've tried flushing the DNS and restarting both the SQL and remote server so all services should be accounted for in the restart (this is just an internal testing environment so no clients are affected :) ).
Any ideas or tips would be appreciated!
I guess that MySQLServer is just an alias for MySQLServer.newdomain.local. So I would check what your DNS server is replying to (cmd/ps) nslookup MySQLServer and nslookup <yourIPhere>.
You may also check which user is running the SQL Server service regarding SPN-related errors and/or use the tool provided by Microsoft.
Also, re-registering the DNS entry for your new domain may help to avoid DNS problems (cmd):
ipconfig /registerdns
Usually this is done within a domain join and reboot, but in my experience it sometimes gets lost.
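The checks suggested in this answer (forward and reverse lookup, then the SPNs registered for the host) can be run in one pass from the remote server. This is an added example, not code from the thread; the host and domain names are the placeholders used in the question, and it assumes the built-in Resolve-DnsName cmdlet and setspn.exe are available.

```powershell
# Added example (not from the thread). Names are the placeholders used in the question.
$ShortName    = 'MySQLServer'
$ExpectedFqdn = 'MySQLServer.newdomain.local'

# 1. Forward lookup of the short name, DNS only (no LLMNR/NetBIOS fallback), so the
#    answer shows which FQDN the DNS client actually resolves the short name to.
$a = Resolve-DnsName -Name $ShortName -Type A -DnsOnly -ErrorAction Stop |
     Where-Object { $_.Type -eq 'A' }
$a | Format-Table Name, IPAddress -AutoSize

# 2. Reverse lookup of every returned address. A PTR record that still names the
#    old domain would indicate a stale entry left over from before the rejoin.
$ptr = foreach ($rec in $a) {
    Resolve-DnsName -Name $rec.IPAddress -Type PTR -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'PTR' }
}
$ptr | Format-Table Name, NameHost -AutoSize

# 3. Flag any resolved name that is not the FQDN in the new domain.
$names = @($a.Name) + @($ptr.NameHost) | Where-Object { $_ } | Sort-Object -Unique
foreach ($n in $names) {
    if ($n -ine $ExpectedFqdn) {
        Write-Warning "Resolves to '$n', expected '$ExpectedFqdn'"
    }
}

# 4. List every MSSQLSvc SPN for this host (short and FQDN forms, all ports and
#    instance names) together with the account each one is registered on.
setspn -Q "MSSQLSvc/${ShortName}*"
```

If step 3 prints a warning, or step 4 shows SPNs on an account other than the one running the SQL services, that mismatch is the place to start.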