Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-6435: DirectAudit adding SPN to Active Directory always add dynamic port instead of static port

Centrify DirectAudit ,  

20 September,16 at 09:32 AM

Applies to: All versions of Centrify DirectAudit on Windows.

Problem:
When using the wizard to add the SPN to the Active Directory entry, it always uses the dynamic port even when the SQL server does have static port configured.
Centrify DirectAudit Wizard
SQL server with dynamic and static port

Cause:

The reason the dynamic port is used because the SQL server is listening on both static port and dynamic port. DirectAudit first check if SQL is listening on dynamic port or not and if no dynamic port is found, the system continue to check for the static port. Because of this order of checking, dynamic port is always returned first and hence the observed behavior.

W
orkaround:
When it is needed to specify a static port, a blank value is set for dynamic port (not zero or any other number) in order to disable the dynamic ports. It is recommended to set the value for TCP dynamic port to blank under IPAll section of SQL configuration manager. Then restart the SQL server service for changes to take effect.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.