Solved

Event 11 Error: The KDC encountered duplicate names while processing a Kerberos authentication request.

Posted on 2011-03-22
3
6,154 Views
Last Modified: 2012-05-11
Hi guys, we have this error coming up on our DC... Server 2008R2.... domain trust 2003....

The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is MSSQLSvc/WGE-PER-SQL-01.wge.internal:1433 (of type DS_SERVICE_PRINCIPAL_NAME). This may result in authentication failures or downgrades to NTLM. In order to prevent this from occuring remove the duplicate entries for MSSQLSvc/WGE-PER-SQL-01.wge.internal:1433 in Active Directory.

and this one which seems to be identical except for the name being in lowercase....

The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is MSSQLSvc/wge-per-sql-01.wge.internal:1433 (of type DS_SERVICE_PRINCIPAL_NAME). This may result in authentication failures or downgrades to NTLM. In order to prevent this from occuring remove the duplicate entries for MSSQLSvc/wge-per-sql-01.wge.internal:1433 in Active Directory.

and this one.....

The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is MSSQLSvc/COMPAQ_SQL.wge.internal:1433 (of type DS_SERVICE_PRINCIPAL_NAME). This may result in authentication failures or downgrades to NTLM. In order to prevent this from occuring remove the duplicate entries for MSSQLSvc/COMPAQ_SQL.wge.internal:1433 in Active Directory.

Found this technet post which seems to be relevant to some degree but couldn't work out what i need to delete...

http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/ba6a67c2-ee45-4dcc-9ce4-fb6ebceb1c2a/

These are the results of the spnquery.vbs run on the DC......

cscript spnquery.vbs MSSQLSvc/COMPAQ_SQL.wge.internal:1433

CN=Administrator,CN=Users,DC=wge,DC=internal
Class: user
User Logon: Administrator
-- MSSQLSvc/compaq_sql.wge.internal:1433
-- MSSQLSvc/WGE-MEL-APP-01.wge.internal:SQLEXPRESS
-- MSSQLSvc/WGE-MEL-APP-01.wge.internal:52989
-- MSSQLSvc/persurf55.wge.internal:1433

CN=admin.sql,CN=Users,DC=wge,DC=internal
Class: user
User Logon: admin.sql
-- MSSQLSvc/wge-per-sql-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal:1433
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:49491
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:SQLEXPRESS
-- MSSQLSvc/compaq_sql.wge.internal:1433

cscript spnquery.vbs MSSQLSvc/wge-per-sql-01.wge.internal:1433

CN=WGE-PER-SQL-01,OU=Servers,OU=Perth,OU=WGE Sites,DC=wge,DC=internal
Class: computer
Computer DNS: WGE-PER-SQL-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal:1433
-- WSMAN/wge-per-sql-01
-- WSMAN/wge-per-sql-01.wge.internal
-- TERMSRV/wge-per-sql-01.wge.internal
-- TERMSRV/WGE-PER-SQL-01
-- RestrictedKrbHost/WGE-PER-SQL-01
-- HOST/WGE-PER-SQL-01
-- RestrictedKrbHost/WGE-PER-SQL-01.wge.internal
-- HOST/WGE-PER-SQL-01.wge.internal

CN=admin.sql,CN=Users,DC=wge,DC=internal
Class: user
User Logon: admin.sql
-- MSSQLSvc/wge-per-sql-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal:1433
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:49491
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:SQLEXPRESS
-- MSSQLSvc/compaq_sql.wge.internal:1433

cscript spnquery.vbs MSSQLSvc/WGE-PER-SQL-01.wge.internal:1433

CN=WGE-PER-SQL-01,OU=Servers,OU=Perth,OU=WGE Sites,DC=wge,DC=internal
Class: computer
Computer DNS: WGE-PER-SQL-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal:1433
-- WSMAN/wge-per-sql-01
-- WSMAN/wge-per-sql-01.wge.internal
-- TERMSRV/wge-per-sql-01.wge.internal
-- TERMSRV/WGE-PER-SQL-01
-- RestrictedKrbHost/WGE-PER-SQL-01
-- HOST/WGE-PER-SQL-01
-- RestrictedKrbHost/WGE-PER-SQL-01.wge.internal
-- HOST/WGE-PER-SQL-01.wge.internal

CN=admin.sql,CN=Users,DC=wge,DC=internal
Class: user
User Logon: admin.sql
-- MSSQLSvc/wge-per-sql-01.wge.internal
-- MSSQLSvc/wge-per-sql-01.wge.internal:1433
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:49491
-- MSSQLSvc/WGE-SYD-APP-01.wge.internal:SQLEXPRESS
-- MSSQLSvc/compaq_sql.wge.internal:1433


Any Ideas experts?
0
Comment
Question by:WGE_ENRB
3 Comments
 

Author Comment

by:WGE_ENRB
ID: 35196235
Additionally I have the following Results...

C:\>setspn -x
Checking domain DC=wge,DC=internal
Processing entry 4
MSSQLSvc/compaq_sql.wge.internal:1433 is registered on these accounts:
        CN=admin.sql,CN=Users,DC=wge,DC=internal
        CN=Administrator,CN=Users,DC=wge,DC=internal

MSSQLSvc/wge-per-sql-01.wge.internal:1433 is registered on these accounts:
        CN=admin.sql,CN=Users,DC=wge,DC=internal
        CN=WGE-PER-SQL-01,OU=Servers,OU=Perth,OU=WGE Sites,DC=wge,DC=internal

MSSQLSvc/wge-per-sql-01.wge.internal is registered on these accounts:
        CN=admin.sql,CN=Users,DC=wge,DC=internal
        CN=WGE-PER-SQL-01,OU=Servers,OU=Perth,OU=WGE Sites,DC=wge,DC=internal

MSSQLSvc/WGE-MEL-APP-01.wge.internal:52989 is registered on these accounts:
        CN=Administrator,CN=Users,DC=wge,DC=internal
        CN=WGE-MEL-APP-01,OU=Servers,OU=Melbourne,OU=WGE Sites,DC=wge,DC=internal

MSSQLSvc/WGE-MEL-APP-01.wge.internal:SQLEXPRESS is registered on these accounts:

        CN=Administrator,CN=Users,DC=wge,DC=internal
        CN=WGE-MEL-APP-01,OU=Servers,OU=Melbourne,OU=WGE Sites,DC=wge,DC=internal

found 5 groups of duplicate SPNs.
0
 
LVL 3

Expert Comment

by:barane
ID: 35196277
Your Event log triggers duplicate names as: MSSQLSvc/wge-per-sql-01.wge.internal:1433,
MSSQLSvc/WGE-PER-SQL-01.wge.internal:1433 ,

Just delete this duplicate entires
0
 
LVL 8

Accepted Solution

by:
ActiveDirectoryman earned 500 total points
ID: 35196329

THIS IS WILL SHOW YOU STEP BY STEP HOW TO REMOVE THE DUPLICATE SPNS
http://social.technet.microsoft.com/Forums/en/winservergen/thread/09a86d74-de48-4bda-9cc9-435da4f59910
0

Join & Write a Comment

Introduction SQL Server Integration Services can read XML files, that’s known by every BI developer.  (If you didn’t, don’t worry, I’m aiming this article at newcomers as well.) But how far can you go?  When does the XML Source component become …
JSON is being used more and more, besides XML, and you surely wanted to parse the data out into SQL instead of doing it in some Javascript. The below function in SQL Server can do the job for you, returning a quick table with the parsed data.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Viewers will learn how to use the SELECT statement in SQL and will be exposed to the many uses the SELECT statement has.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now