XenApp \ XenDesktop 7.x - Unable to contact Database error "Cannot generate SSPI context"
Article ID: CTX209470
Updated On:
Description
XenApp or XenDesktop 7.x is unable to contact the SQL Database. Telnets to and from the Delivery Controller and SQL are successful, but ODBC connection tests fail with "Cannot generate SSPI context".
SQL Server logs show the following error:
"SSPI Handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure [CLIENT: <IPAddress of DDC>]"
Resolution
Try switching the SQL server service from Local system to the SQL Service account (if it was already setup in the environment). If SQL Service is running under the correct context, then the problem could be related to SPNs.
Follow the instructions detailed in the following article to create a new SPN for the SQL database servers.
https://technet.microsoft.com/en-us/library/bb735885.aspx
Follow the Microsoft guide on troubleshooting SSPI context errors.
https://support.microsoft.com/en-us/help/811889/how-to-troubleshoot-the-cannot-generate-sspi-context-error-message
2. SQL Service is running under the Local System account instead of the SQL service account.
Follow the instructions detailed in the following article to create a new SPN for the SQL database servers.
https://technet.microsoft.com/en-us/library/bb735885.aspx
Follow the Microsoft guide on troubleshooting SSPI context errors.
https://support.microsoft.com/en-us/help/811889/how-to-troubleshoot-the-cannot-generate-sspi-context-error-message
Problem Cause
1. SPN for the SQL account has changed in some way, causing an authentication issue. OR2. SQL Service is running under the Local System account instead of the SQL service account.
Was this article helpful?
Yes
No
Powered by
