WinRM service failed to create the following SPNs: WSMAN – Event ID:10154

Updated on August 16, 2015
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

I was getting an error ” The WinRM service failed to create the following SPNs: WSMAN/hostname; WSMAN/hostname. ” at startup on Windows 2008 R2 Domain Controllers.

Additional Data
Log Name: System
Source:  Microsoft-Windows-WinRM
Event ID: 10154
Level:  Warning

The WinRM service failed to create the following SPNs

Solution:
WinRM runs under ” Network Service ” account. You can eliminate this problem by giving Validated Write to Service Principal Name  permission to the NETWORK SERVICE using the ADSIEDIT.msc. This will allow WinRM to auto create the necessary SPNs on that domain controller. After granting this permission, re-sync all DCs and do a reboot to each domain controller where you did the change,  after that reboot you will see that the warning is gone and the required SPNs were created successfully.

Related Article  How to Deploy Windows Server 2008 Read Only Domain Controller (RODC)

Steps:

1- Use ADSIEDIT.msc

2- Choose Default naming context and scroll down to the Domain Controllers OU

3- Right-click the Domain Controller object that is showing the warnings and select properties

4- Select security tab

5- In the advanced security settings menu, click add, type ” Network Service ” and hit ok.

The WinRM service failed to create the following SPNs