3597922 - How to force SQL Server to use Kerberos Authentication instead of NTLM

When configuring a SQL Server connection with SAP systems on a Windows server, you notice that SQL Server is using NTLM authentication instead of Kerberos.

Also, errors like the ones below are seen in ERRORLOG:

• SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required.
  
  2025-12-07 00:34:14.78 Server      The SQL Server Network Interface library could not register the Service Principal Name (SPN) *user  for the SQL Server service. Windows return code: 0x2098, state: 20. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
  
  

• SQL Server in SAP NetWeaver Products
• Windows Server

SQL Server, SAP ECC system, Kerberos authentication, NTLM, Domain Controllers, Timeout error, Service Principal Name, SPN, Active Directory, Kerberos, connection, fails, force connection, authentication, could not register the Service Principal Name (SPN),  Failure to register a SPN might cause integrated authentication, Windows return code: 0x2098, state: 20, 0x2098, SQL Server is attempting to register a Service Principal Name, The SQL Server Network Interface library , KBA , BC-DB-MSS , SQL Server in SAP NetWeaver Products , Problem