Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


KDC error event, multiple accounts with name... of type...

Posted on 2008-11-13
Medium Priority
Last Modified: 2012-05-05
Server 2003 standard 32x machine getting an event error (over and over again).  THe source in the event properties is KDC.  The event ID is 11.  THe description is " THere are multiple accounts with name MSSQLSvc/v2.<domain name>.com:1433 of type DS_SERVICE_PRINCIPAL_NAME."

Apparently kerberos is having fits about this and I should just delete one or both of these instances.  Problem is I cant seem to find them.  I have looked in Active Directory andhave tried using the ADISedit utility that comes with Windows Support Tools.  The ADISedit utility doesnt seem to have search capabilities and has a ton of area to cover.  Is it searchable?

How do I find these instances and correct this problem?
Question by:cheifm0j0
  • 2
  • 2
LVL 20

Expert Comment

ID: 22950002
Have you used LDP?  This link goes over the steps.  I recently had this issue too but it was with the shortname.  I found the server in another child domain.  http://support.microsoft.com/kb/321044

LVL 59

Expert Comment

by:Darius Ghassem
ID: 22950467

Author Comment

ID: 22950477
I have not used LDP.  I have ran it now though and recieved the following output using the filter - (serviceprincipalname=host/v2.mojogar.com).
ldap_search_s(ld, "DC=mojogar,DC=com", 2, "(serviceprincipalname=host/v2.mojogar.com)", attrList,  0, &msg)
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn: CN=V2,CN=Computers,DC=mojogar,DC=com
 5> objectClass: top; person; organizationalPerson; user; computer;
 1> cn: V2;
 1> distinguishedName: CN=V2,CN=Computers,DC=mojogar,DC=com;
 1> name: V2;
 1> canonicalName: mojogar.com/Computers/V2;
so how do I use this information and apply it to the event error of;

Event Type: Error
Event Source: KDC
Event Category: None
Event ID: 11
User:  N/A
Computer: WHITE
There are multiple accounts with name MSSQLSvc/v2.mojogar.com:1433 of type DS_SERVICE_PRINCIPAL_NAME.
Am I using the wrong filter string query?

LVL 20

Expert Comment

ID: 22951477
Do you have another account that has the same name in the forest?
LVL 59

Accepted Solution

Darius Ghassem earned 1500 total points
ID: 22951860
Did you run this command?

ldifde -f domain.txt -d dc=domain,dc=com

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question