One of the things that people tend to forget (myself included) after installing System Center Service Manager, is to configure the Service Principal Names (SPN) for Service Manager. By default, the Service Manager setup will try to register the SPN. Most of the time however, it will fail. Why, you ask? This is due to the Service Account that we use for Service Manager does not have administrative rights, as it should be.
You might ask, whether is it really important to configure SPN for Service Manager. According to this blog post by Anton Gritsenko, it is. To summarize, if the SPN is not configured or if it is not configured correctly, it will affect things like:
- your Active Directory connector
- the import of data from Service Manager Database to the Data Warehouse Database
- unusual high memory consumption of SCSM services
Apart from that, you will constantly receive this message in Event Viewer (the computer name has been removed for privacy protection):
You can configure the SPN by executing these scripts in a command prompt window. Do remember though, that only Domain Administrators are able to modify the SPN records:
setspn.exe -S MSOMSdkSvc/hostname domain\ServiceAccountName
setspn.exe -S MSOMSdkSvc/FQDN domain\ServiceAccountName
An example would be like below:
setspn.exe -S MSOMSdkSvc/technicatoshokan technica\svc.scsm
setspn.exe -S MSOMSdkSvc/technicatoshokan.com technica\svc.scsm
To verify that the SPN has been configured, you can execute this script:
setspn.exe -L technica\svc.scsm
Once this is done, you’re all set in terms of installing System Center Service Manager.
