Summary
We are working to enable http(s) connectivity to our SSAS cubes. I have followed the Microsoft Documentation (link) to set up the msmdpump files and can successfully access them via SSMS and Excel by IP, but when the server name is entered a "401 Unauthorized - The target principal name is incorrect" error is returned. What could be causing this failure?
Details
Connecting Via SSMS:
This works: http://0.0.0.0/olap/msmdpump.dll (actual IP address not shown)
This does not work: http://myservername.mydomain.com/olap/msmdpump.dll (actual server name not shown)
Error Message:
TITLE: Connect to Server
------------------------------
Cannot connect to http://myservername.mydomain.com/olap/msmdpump.dll.
------------------------------
ADDITIONAL INFORMATION:
The connection either timed out or was lost. (Microsoft.AnalysisServices.AdomdClient)
------------------------------
The remote server returned an error: (401) Unauthorized. (System)
------------------------------
The target principal name is incorrect (System)
I placed a very simple HTML file in the OLAP directory and I can successfully browse to it via a web browser.
Running this on the command line SetSPN -1 domain\myserviceaccount returns the following entries (actual values obscured):
MSSQLSvc/myservername.mydomain.com
MSSQLSvc/myservername.mydomain.com:1234
MSOLAPSvc.3/myservername
MSOLAPSvc.3/myservername.mydomain.com
http/myservername
http/myservername.mydomain.com
We are using Windows Authentication.
Update
If we remove the HTTP SPN entries, then it works again however to allow external access they are necessary.
Attempting to digest this MS Link: SPN registration for an Analysis Services instance
