There are multiple accounts with name cifs/svr-02.keylogix.local of type DS_SERVICE_PRINCIPAL_NAME

I keep getting these errors in my event log on my domain controllers and understand that it is duplicate entry in active directrory. I also understand that you have to use adsiedit to remove the duplicate. Can someone please give me so assistance on finding and remove the duplicate with ADSIedit.

Event Type:      Error
Event Source:      KDC
Event Category:      None
Event ID:      11
Date:            22/04/2006
Time:            3:27:09 p.m.
User:            N/A
Computer:      SVR-03
Description:
There are multiple accounts with name cifs/svr-02.keylogix.local of type DS_SERVICE_PRINCIPAL_NAME.

-OR-

There are multiple accounts with name HTTP/svr-02 of type DS_SERVICE_PRINCIPAL_NAME.

-OR-

There are multiple accounts with name host/svr-02.keylogix.local of type DS_SERVICE_PRINCIPAL_NAME.

Thanks

GlennCameronAsked:
Who is Participating?
 
MereteCommented:
Hi GlennCameron  did these suggestions help you?
Merete
0
 
Netman66Commented:
Hi again Glenn,

This is very likely due to duplicate DNS entries with differing IP addresses.  Check and remove any and all entries from DNS for the above node in ALL containers in EVERY zone that show the incorrect IP address.

NM
0
 
MereteCommented:
To check your event errors as a debug
go to Administrative tools Event viewer. you can save these, look below view is the export them.
Then  clear all the logs. By clearing them there will have a clean slate and when you next reboot we will see only errors that occur on boot.

Then do nothing else but shutdown and restart. Then go stright to Event viewer and at top left panel highlight and r/click "Save log file as" on both Application and System, choose save as .txt and name each application.txt/system.txt  save it load it in word pad copy and paste it back to us.

As another test, shut down and restart in safe mode. Boot back.
 Do you get the message here.

0
 
MereteCommented:
You have found the two objects that both have the same  
 
ServicePrincipal Name, Remove the Service Principal Name that conflicts from  
 
one of the objects. This is a multi-valued attribute, each object can have  
 
several Service Principal Names. You can modify this with ADSIEdit and  
 
LDP.exe, I think ADSIEdit is the easiest way do to so.  
http://www.eggheadcafe.com/ng/microsoft.public.windows.server.active_directory/post2846949.asp
0
 
Kini pradeepPrincipal Cloud and security consultantCommented:
hey check this out.

http://support.microsoft.com/?id=321044
the cifs there is the common internet file system.
i would use the ldifde dump for the domain and check for the machines that list this SPN and make sure that it is listed only for 1.

cheers.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.