Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MDS on Linux sends SPN with instance name instead of port #2187

Closed
David-Engel opened this issue Oct 17, 2023 · 1 comment · Fixed by #2240
Closed

MDS on Linux sends SPN with instance name instead of port #2187

David-Engel opened this issue Oct 17, 2023 · 1 comment · Fixed by #2240
Labels
🐛 Bug! Issues that are bugs in the drivers we maintain.

Comments

@David-Engel
Copy link
Contributor

Describe the bug

MDS' managed SNI implementation is sending the SPN in the format MSSQLSVC/SERVERNAME.FQDN:INSTANCENAME instead of MSSQLSVC/SERVERNAME.FQDN:PORT when making TCP connections to named instances.

To reproduce

Connect to a named instance via TCP, managed SNI, and Kerberos auth. Using a network capture, you can see MDS gets a ticket using the named instance instead of the port number.

Expected behavior

MDS should use the MSSQLSVC/SERVERNAME.FQDN:PORT format for consistency with other drivers and aligning with the docs:

User-specified SPNs are supported in client drivers. However, if an SPN isn't provided, it is generated automatically based on the type of a client connection. For a TCP connection, an SPN in the format MSSQLSvc/FQDN:[<port>] is used for both the named and default instances.

For named pipes and shared memory connections, an SPN in the format MSSQLSvc/<FQDN>:<instancename> is used for a named instance and MSSQLSvc/<FQDN> is used for the default instance.

Further technical details

Microsoft.Data.SqlClient version: latest 5.1.1
.NET target: .NET (non Framework)
SQL Server version: All
Operating system: Linux (or managed SNI on Windows)
@David-Engel David-Engel added the 🐛 Bug! Issues that are bugs in the drivers we maintain. label Oct 17, 2023
@David-Engel
Copy link
Contributor Author

Filing this from an internal issue.

@David-Engel David-Engel added the 🆕 Triage Needed For new issues, not triaged yet. label Oct 17, 2023
@JRahnama JRahnama removed the 🆕 Triage Needed For new issues, not triaged yet. label Oct 19, 2023
@arellegue arellegue linked a pull request Dec 5, 2023 that will close this issue
Fix | Linux SPN port number using named instance and Kerberos authentication does not return port# #2240
Merged
@arellegue arellegue mentioned this issue Dec 18, 2023
Merged
@JRahnama JRahnama mentioned this issue Dec 21, 2023
Merged
@cheenamalhotra cheenamalhotra mentioned this issue Mar 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐛 Bug! Issues that are bugs in the drivers we maintain.
Projects
SqlClient Triage Board
Status: Closed
Milestone
No milestone
2 participants
@David-Engel @JRahnama