: this replaces the previously released v4.0.
Kerberos authentication provides a highly secure method to authenticate client and server entities (security principals) on a network. To use Kerberos authentication with SQL Server, a Service Principal Name (SPN) must be registered with Active Directory, which plays the role of the Key Distribution Center in a Windows domain. In addition, many customers also enable delegation for multi-tier applications using SQL Server. In such a setup, it may be difficult to troubleshoot the connectivity problems with SQL Server when Kerberos authentication fails.
Here are some additional reading materials for your reference.
Why use this tool?
The Kerberos Configuration Manager for SQL Server is a diagnostic tool that helps troubleshoot Kerberos related connectivity issues with SQL Server, SQL Server Reporting Services, and SQL Server Analysis Services. It can perform the following functions:
Gather information on OS and Microsoft SQL Server instances installed on a server.
Report on all SPN and delegation configurations and Always On Availability Group Listeners installed on a server.
Identify potential problems in SPNs and delegations.
Fix potential SPN problems.
This release (v4.1) adds support for Always On Availability Group Listeners, and fixes SPN format incompatibility with Windows Server 2008 and 2008 R2 (introduced in v4.0).
Microsoft Kerberos Configuration Manager for SQL Server requires a user with permission to connect to the WMI service on any machine its connecting to. For more information, refer to
Securing a Remote WMI Connection
For Always On Availability Group Listeners discovery, run this tool from the owner node.
Also, if needed for troubleshooting, the Kerberos Configuration Manager for SQL Server creates a log file in