Yet a more improve bulk DB set up file

This on attempt to do more and protect the system DBs

This script will:
1. Change the DB owner
2. Set all to simple mode. Cannot figure out how to stop the tempdb message
3. Set all DBs to 2012 mode
4. Add the domain users as owners. Please use this as a prototype for other test and dev users
5. Shrink all logs to 500 MB to ensure there is plenty of space

Left to do standardize file growths, block create user when the user exists

USE Master
GO


DECLARE @prefix nvarchar(120) = 'IF ''?'' NOT IN(''master'', ''model'', ''msdb'', ''tempdb'') BEGIN  ';
DECLARE @postfix nvarchar(50) = ' END';
DECLARE @cmd nvarchar(512);

SET @cmd =  @prefix + 'PRINT ''?''; USE ? exec sp_changedbowner sa ' + @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd
PRINT 'Successfully set DB owner to sa';


SET @cmd =  @prefix + 'ALTER DATABASE ? SET RECOVERY SIMPLE;' + @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd;
PRINT 'Set all DBs to SIMPLE';

SET @cmd =  @prefix + 'ALTER DATABASE ? SET COMPATIBILITY_LEVEL = 110;'+ @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd;
PRINT 'Upgrade all DBs to 2012';

SET @cmd =  @prefix + 'Use ?; CREATE USER [[DOMAIN]\[USER]] WITH DEFAULT_SCHEMA = dbo;' + @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd;
PRINT 'Add group [DOMAIN]\[USER]';

SET @cmd =  @prefix + 'Use ?; ALTER ROLE db_owner ADD MEMBER [[DOMAIN]\[USER]];' + @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd;
PRINT 'Add db_owner [DOMAIN]\[USER]';

SET @cmd =  @prefix + 'Use ?; DBCC SHRINKFILE (N''?_log'' , 500);' + @postfix;
PRINT @cmd;
EXEC master.sys.sp_MSforeachdb  @command1 = @cmd;
PRINT 'Shrink all logs to 500 MB';

SQL Connection Error: "The target principal name is incorrect. Cannot generate SSPI context"

Welcome to the rabbit hole.

This can be caused when there are more than one entry for a SQL Server entry in Kerberos. Sometimes it is caused when a SQL Server is installed under one domain user and is then is switch to another.

Technet article: How to troubleshoot the "Cannot generate SSPI context" error message
https://support.microsoft.com/en-us/kb/811889?wa=wsignin1.0 

Really good description but no examples:
How Windows Server 2012 Eases the Pain of Kerberos Constrained Delegation, Part 2

Basically you delete the existing entries and make new ones. You have to be an AD admin to make the deletions.

Commands of use:

List Command 

setspn -L [Machine name if default instance]

C:\windows\system32>setspn -L wkonedev01

Registered ServicePrincipalNames for CN=WKONEDEV01,OU=Member Servers,DC=******,

DC=com:

        MSSQLSvc/WkOneDev01.******.com:1433

        MSSQLSvc/WkOneDev01.******.com

        WSMAN/wkonedev01.******.com

        TERMSRV/wkonedev01.******.com

        RestrictedKrbHost/wkonedev01.******.com

        HOST/wkonedev01.******.com

        WSMAN/WKONEDEV01

        TERMSRV/WKONEDEV01

        RestrictedKrbHost/WKONEDEV01

        HOST/WKONEDEV01

Delete Command

setspn -D MSSQLsvc/[Machine Name].[Domain].com:1433 [Domain]\[Domain User Name]

 C:\windows\system32>setspn -D MSSQLsvc/wkonedev01.******.com:1433 ******\wkone

dev01server

Unregistering ServicePrincipalNames for CN=wkonedev01Server,OU=Service Accounts,

DC=*******,DC=com

        MSSQLsvc/wkonedev01.*******.com:1433

Updated object

Safe Add Command

setspn -S MSSQLsvc/[Machine Name].[Domain].com:1433 [Domain]\[Domain User Name]

C:\windows\system32>setspn -A MSSQLsvc/wkonedev01.*******.com:1433 ********\wkone

dev01server

Registering ServicePrincipalNames for CN=wkonedev01Server,OU=Service Accounts,DC

=********,DC=com

        MSSQLsvc/wkonedev01.********.com:1433

Updated object

After the commands make sure AD is given time to update the DNS then run

C:>ipconfig /flushdns

C:>ipconfig /renew