SSPI Issues

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Aussie Rules - 25 May 2006 14:09 GMT

Hi,

About 8 times a day, all of a sudden I get the message 'cannot generate SSPI
context' when trying to connect to SQL Server in my vb.net app. (also SQL
Management fails at the same time, with same error)

I have read up on this, and understand its a security issue, but why does it
happen radomly.... Is there a way to solve this ?

I get the following in my event log:
Windows cannot determine the user or computer name. (The specified domain
either does not exist or could not be contacted. ). Group Policy processing
aborted.

Reply to this Message

William (Bill) Vaughn - 31 May 2006 18:03 GMT

SSPI data authentication relies on the same mechanism your Windows system
uses to authenticate the user that logs in. If you log in as a domain user
(MyDomin\billva) and Windows can't see the domain controller, it uses cached
credentials for "N" times. Eventually, you can't get in. The same can happen
with a "trusted" connection. If the authentication comes from a domain
controller, you're pooched until you can VPN or otherwise reconnect to the
domain. However, if your Windows user (whose credentials you are leveraging)
logs into the SYSTEM, (mylaptop\billva) and you have a local machine
account, you can use SSPI authentication without the controller--right up to
the point where your machine account is dropped.

hth

Signature

____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant
Microsoft MVP
INETA Speaker
www.betav.com/blog/billva
www.betav.com
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________

> Hi,
>
[quoted text clipped - 9 lines]
> either does not exist or could not be contacted. ). Group Policy
> processing aborted.

Reply to this Message

SSPI Issues

Free Magazines