Service Account SPN Registration Tip


Many services, such as SQL Server or the Provisioning Services SOAP service, attempt to register their own Service Principal Name (SPN) at startup.  When they run as Network Service they operate as the computer account, which by default has permission to write its own SPN.  When they run under a named user service account, however, you either have to register the SPN manually or grant that account permission to modify its own SPN.  The command below grants a service account the permission to register its own SPN when the service runs as that user rather than as a computer account.

dsacls <DistinguishedName_of_Service_Account> /G SELF:RPWP;"servicePrincipalName"

For example:

dsacls cn=svcPVS,ou=MyUsers,dc=citrix,dc=local /G SELF:RPWP;"servicePrincipalName"

The distinguished name can be found in Active Directory Users and Computers.  Select View, Advanced Features.  Open the user object, click "Advanced", then scroll to "Distinguished Name".  If you double-click to edit it, you can copy and paste the value from the text field.
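As an added example (not part of the original post), the PowerShell below does the same grant through the ActiveDirectory module and, more usefully, lets you verify afterwards that the ACE is actually present.  It assumes the RSAT ActiveDirectory module is installed and that you run it with rights to read and modify the account's security descriptor; the DN is the one from the example above.

```powershell
# Added example: verify or reproduce the dsacls grant with the ActiveDirectory module.
# Assumes RSAT's ActiveDirectory module and rights on the target object's ACL.
Import-Module ActiveDirectory

# SELF is the well-known SID S-1-5-10; resolving by SID avoids locale-dependent names.
$Self = [System.Security.Principal.SecurityIdentifier]'S-1-5-10'

# Read the schemaIDGUID of servicePrincipalName from the schema rather than hard-coding it.
$SchemaNc = (Get-ADRootDSE).schemaNamingContext
$SpnGuid  = [guid](Get-ADObject -SearchBase $SchemaNc `
    -LDAPFilter '(lDAPDisplayName=servicePrincipalName)' `
    -Properties schemaIDGUID).schemaIDGUID

function Get-SelfSpnAce {
    # Returns the Allow ACE(s) that let the object write its own servicePrincipalName,
    # i.e. what "dsacls <DN> /G SELF:RPWP;servicePrincipalName" creates. Empty = not granted.
    param([Parameter(Mandatory)][string]$DistinguishedName)
    $acl = Get-Acl -Path ("AD:\" + $DistinguishedName)
    $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.ObjectType -eq $SpnGuid -and
        ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::WriteProperty) -and
        $_.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]) -eq $Self
    }
}

function Grant-SelfSpnWrite {
    # Same effect as the dsacls command: ReadProperty + WriteProperty on servicePrincipalName for SELF.
    param([Parameter(Mandatory)][string]$DistinguishedName)
    $path = "AD:\" + $DistinguishedName
    $acl  = Get-Acl -Path $path
    $rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
        $Self,
        [System.DirectoryServices.ActiveDirectoryRights]'ReadProperty, WriteProperty',
        [System.Security.AccessControl.AccessControlType]::Allow,
        $SpnGuid)
    $acl.AddAccessRule($rule)
    Set-Acl -Path $path -AclObject $acl
}

# Usage: grant only if the ACE is missing, then show what is in place.
$dn = 'CN=svcPVS,OU=MyUsers,DC=citrix,DC=local'
if (-not (Get-SelfSpnAce -DistinguishedName $dn)) {
    Grant-SelfSpnWrite -DistinguishedName $dn
}
Get-SelfSpnAce -DistinguishedName $dn |
    Format-Table IdentityReference, ActiveDirectoryRights, ObjectType -AutoSize
```

Keep in mind that WriteProperty on the attribute is an unrestricted write: the account can register any SPN on itself, so it is worth checking the forest for duplicate SPNs after the service has registered.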

