KDC error event, multiple accounts with name... of type...

Posted on 2008-11-13
Last Modified: 2012-05-05
Server 2003 standard 32x machine getting an event error (over and over again).  THe source in the event properties is KDC.  The event ID is 11.  THe description is " THere are multiple accounts with name MSSQLSvc/v2.<domain name>.com:1433 of type DS_SERVICE_PRINCIPAL_NAME."

Apparently kerberos is having fits about this and I should just delete one or both of these instances.  Problem is I cant seem to find them.  I have looked in Active Directory andhave tried using the ADISedit utility that comes with Windows Support Tools.  The ADISedit utility doesnt seem to have search capabilities and has a ton of area to cover.  Is it searchable?

How do I find these instances and correct this problem?
Question by:cheifm0j0
    LVL 20

    Expert Comment

    Have you used LDP?  This link goes over the steps.  I recently had this issue too but it was with the shortname.  I found the server in another child domain.

    LVL 59

    Expert Comment

    by:Darius Ghassem

    Author Comment

    I have not used LDP.  I have ran it now though and recieved the following output using the filter - (serviceprincipalname=host/
    ldap_search_s(ld, "DC=mojogar,DC=com", 2, "(serviceprincipalname=host/", attrList,  0, &msg)
    Result <0>: (null)
    Matched DNs:
    Getting 1 entries:
    >> Dn: CN=V2,CN=Computers,DC=mojogar,DC=com
     5> objectClass: top; person; organizationalPerson; user; computer;
     1> cn: V2;
     1> distinguishedName: CN=V2,CN=Computers,DC=mojogar,DC=com;
     1> name: V2;
     1> canonicalName:;
    so how do I use this information and apply it to the event error of;

    Event Type: Error
    Event Source: KDC
    Event Category: None
    Event ID: 11
    User:  N/A
    Computer: WHITE
    There are multiple accounts with name MSSQLSvc/ of type DS_SERVICE_PRINCIPAL_NAME.
    Am I using the wrong filter string query?

    LVL 20

    Expert Comment

    Do you have another account that has the same name in the forest?
    LVL 59

    Accepted Solution

    Did you run this command?

    ldifde -f domain.txt -d dc=domain,dc=com

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Suggested Solutions

    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now