Share via

MBAMWebSiteInstaller.ps1 gives me error

Tor 0 Reputation points
2025-11-17T09:04:31.9133333+00:00

Set-MachineUserOnSql : Unable to set permissions for machine on SQL server: Exception calling "GetHostByName" with "1" argument(s): "No such host is known"

At C:\Temp\MBAMWebSiteInstaller.ps1:1371 char:16

$success = Set-MachineUserOnSql + dockerfile ~~~~~~~~~~~~~~~~~~~~

  + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    
  + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-MachineUserOnSql
    
    
    
Install-MBAMWebSites : Failure setting machine account privileges on SQL

At C:\Temp\MBAMWebSiteInstaller.ps1:1520 char:5

+ ```powershell
Install-MBAMWebSites -SqlServerName $SqlServerName -SqlInstanceNa ...
```+ ```xml
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
  • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Install-MBAMWebSites

I guess its because i use a custom SQL port have tried to run the command with SQLServerName,PORT, and the prameter IncludePortInSPN. but this doesnt even get the identification sertificate..

SQL Server | Other
0 comments
Answer recommended by moderator
  1. Lakshmi Narayana Garikapati 640 Reputation points Microsoft External Staff Moderator
    2025-11-19T10:49:02.43+00:00

    Hi @Tor, Thanks for reaching out to the SQL Forum with your question.

    Thanks for sharing the error details. The MBAM installer script fails because Set-MachineUserOnSql calls GetHostByName, which cannot resolve a server name when a custom SQL port is appended (e.g. ServerName,14330). Instead, you’ll need to pass only the hostname or FQDN in -SqlServerName, specify the instance separately with -SqlInstanceName if applicable, and use the -IncludePortInSPN switch so the Service Principal Name includes your custom port. Also confirm that the SQL service account has the correct SPN registered (check with setspn -L <account>), and that DNS resolves the hostname without the port. If certificate retrieval still fails, you can manually export the SQL Server Identification certificate from the SQL instance and import it into the MBAM web server.

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/mbam-setup-fails

    https://learn.microsoft.com/en-us/intune/configmgr/protect/deploy-use/bitlocker/setup-websites

    Thanks,

    Lakshmi.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.