Log Name: System
Date: 1/1/2010 1:22:43 PM
Event ID: 10154
Task Category: None
The WinRM service failed to create the following SPNs: WSMAN/dcname.domain.tld; WSMAN/dcname.
The error received was 8344: %%8344.
The SPNs can be created by an administrator using setspn.exe utility.
If you have just upgraded to Windows Server 2008 R2 domain controller version and getting above error message, then you must fix by granting some special permissions.
By default, WinRM service is running under NETWORK SERVICE account.WinRM attempts to create 2 SPn (WSMAN/dc.domain.com & WSMAN /servername) after startup process.
To help this process, you must grant “Validated Write to Service Principal Name” permission to the NETWORK SERVICE account for each DC which generates this error message.
To achieve this goal,in adsiedit;
Default Naming Context – Domain Controllers OU – Specific Domain Controller
Click Properties and security.Add NETWORK SERVICE account and grant permission.