Fixing SPN issues

When you install SCOM 2012/16 you will usually get this alert from all management servers:

Name: Data Access Service SPN Not Registered
Description: The System Center Data Access service failed to register an SPN. A domain admin needs to add MSOMSdkSvc/hostname and MSOMSdkSvc/hostname.domain.name to the servicePrincipalName of CN=hostname,OU=MyOU,DC=domain,DC=name

This alert is a bug and is discussed here.

I usually disable this alert as it's useless, but we do need to confirm the SPNs are set up correctly, so run this command:

setspn -L domain\DasUserAccount

You should get this back if it's all good:

Registered ServicePrincipalNames for CN=domain\DasUserAccount,OU=MyOU,DC=domain,DC=name:
MSOMSdkSvc/MS1
MSOMSdkSvc/MS1.domain.name
MSOMSdkSvc/MS2
MSOMSdkSvc/MS2.domain.name

If not, we just need to set up the SPNs for all management servers like this:

setspn -S MSOMSdkSvc/MS1 domain\DasUserAccount
setspn -S MSOMSdkSvc/MS1.domain.name domain\DasUserAccount
setspn -S MSOMSdkSvc/MS2 domain\DasUserAccount
setspn -S MSOMSdkSvc/MS2.domain.name domain\DasUserAccount

Run setspn -L MS1 and you should get this:

MSOMSdkSvc/MS1
MSOMSdkSvc/MS1.domain.name

Run setspn -L MS2 and you should get this:

MSOMSdkSvc/MS2
MSOMSdkSvc/MS2.domain.name

Your SPNs should be sorted now 😀
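
The check above can be scripted for any number of management servers. This is an added example, not part of the original post: it compares the SPNs on the DAS account with the expected set and uses setspn -Q to find any that sit on a different account. The server names, DNS suffix and account name are the placeholders used on this page.

```powershell
# Added example (not from the original post). Replace the placeholder values
# below with your own management servers, DNS suffix and DAS account.
$ManagementServers = 'MS1', 'MS2'
$DnsSuffix         = 'domain.name'
$DasAccount        = 'domain\DasUserAccount'

# SPNs currently registered on the DAS account. The header line printed by
# setspn -L starts with "Registered", so only the SPN lines match here.
$registered = @(setspn -L $DasAccount |
    Where-Object { $_ -match '^\s*MSOMSdkSvc/' } |
    ForEach-Object { $_.Trim() })

$report = foreach ($ms in $ManagementServers) {
    # Each management server needs a short-name and an FQDN SPN.
    foreach ($spn in "MSOMSdkSvc/$ms", "MSOMSdkSvc/${ms}.${DnsSuffix}") {
        if ($registered -contains $spn) {
            $status = 'OK'
            $holder = $DasAccount
        } else {
            # Not on the DAS account: ask the directory who (if anyone) holds it.
            # setspn -Q prints the holder's distinguished name on a "CN=" line.
            $holder = @(setspn -Q $spn | Where-Object { $_ -match '^CN=' }) -join '; '
            $status = if ($holder) { 'Registered elsewhere' } else { 'Missing' }
        }
        [pscustomobject]@{ SPN = $spn; Status = $status; Holder = $holder }
    }
}

$report | Format-Table -AutoSize

# Print (do not run) the commands that would add the missing SPNs, for review.
$report | Where-Object { $_.Status -eq 'Missing' } |
    ForEach-Object { "setspn -S $($_.SPN) $DasAccount" }
```

An SPN reported as "Registered elsewhere" will be rejected by setspn -S as a duplicate until it is removed from the account shown in the Holder column.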
