Solved

KDC 11 single-lable domain

Posted on 2006-11-08
6
295 Views
Last Modified: 2010-04-13
Hi,

I'm getting serveral instances of this event daily.

I have researched the matter here and elsewhere.
Basically everyone says to look up the double SPN and remove the unnecessary instance of it.
http://support.microsoft.com/kb/321044

I have done this but the error is stil logged.
I didn't have doulbe instances of the same name, but the admin and admin2 accounts had the same SPN as the server.

Event Type:      Error
Event Source:      KDC
Event Category:      None
Event ID:      11
Date:            08-11-06
Time:            10:34:46
User:            N/A
Computer:      <Servername>
Description:
There are multiple accounts with name MSSQLSvc/<servername>.<Domain>:2388 of type 10.

Event Type:      Error
Event Source:      KDC
Event Category:      None
Event ID:      11
Date:            08-11-06
Time:            10:33:59
User:            N/A
Computer:      <Servername>
Description:
There are multiple accounts with name MSSQLSvc/<SERVERNAME>.<Domain>:2388 of type 10.

I also tried ntdsutil / security account manager / check duplitace SIDs at the command prompt.
None were found.

This maybe completely irrelavant but ,<Servername> is in capitals in one error and in lowercase the next.
Is this some kind of unknown issue with having a single-label domain name??

Any idea's ?
How I can find the double name?

Cheers

0
Comment
Question by:DennisPost
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 17944700
Did you restart the server?
0
 
LVL 2

Author Comment

by:DennisPost
ID: 17945210
Ha ha, that would have been quick points for you! :-)
But yeah, many times.
I've also check the service accounts for MSSQLServer & ServerAgent, both run under the local system account.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 18360071
Would you mind sharing the solution please? I don't that single label domain generates these errors.

Thanks!
0
 
LVL 2

Author Comment

by:DennisPost
ID: 18363551
Sure.

MS KB 321044 gives 2 methods of finding the duplicate SPN name.
The first method is using LPD. This method didn't return anything  (Single label domain problem??)

Method 2 uses ldifde.
MS says type : ldifde -f domain.txt DNDomain (I took DNDomain literally)

After changing DNDomain to DC=<Domain> (No .com or anything after it) I finally got the output
text working. Searched and found 2 items with the double SPN. One being the enterprise admin account, the DC machine name.

I figured out how to found and remove the admin spn using ADSIEdit.

Pretty much as the KB says really....

Since then no more problems. Well at least no more KDC 11 events.

0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 18374546
PAQd, 250 points refunded.

DarthMod
CS Moderator
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to NTBackup if SQL Server running? 6 915
win2k service packs 5 668
Restore SQL database from 8.0 to 11.00 ? 3 1,401
Virtual box guest operating system will not start 15 76
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question