3ecommunications.net

Home > Event Id > Event Id 11 The Kdc Encountered Duplicate Names

Event Id 11 The Kdc Encountered Duplicate Names

Contents

But then we needed to enable kerberos authentication for our BizTalk 2004 server's SQL server and we ran into an interesting question. Register Login Posting Guidelines | Contact Moderators Ars Technica > Forums > Operating Systems & Software > Windows Technical Mojo Jump to: Select a forum ------------------ Hardware & Tweaking Audio/Visual I then deleted the old user accounts SPN my results were the following. I previously had my SQL running with a user account then changed it to run with a system account. http://3ecommunications.net/event-id/event-id-2001-microsoft-antimalware-has-encountered-an-error-trying-to-update-signatures.html

This documentation is archived and is not being maintained. The KB posted above describes howto find the Go to Solution 3 Participants Henrik Johansson LVL 31 Windows Server 200324 Active Directory17 Venabili LVL 20 Windows Server 20031 johnrhines 3 Comments Join the community Back I agree Powerful tools you need, all for free. x 48 Chris Horacek This error occurred on one of our DC's while updating info in Active Directory Users and Groups snap-in. look at this site

Event Id 11 The Kdc Encountered Duplicate Names

Under the Account tab in the user account properties, the Top user logon name was blank. Creating your account only takes a few minutes. You can find the SPN entries by querying LDAP. For example, if the service class and hostname is MSSQLSvc/hostname.domain.com, then logon to hostname.domain.com and verify which account SQL Server services uses to start with, and this is the account to

This may result in authentication failures or downgrades to NTLM. Comments: Anonymous SETSPN -X (Windows 2008 / Windows 7) will return duplicate SPNs. Under Options, add "servicePrincipalName;" to the Attributes box. Kb 321044 The entries kept being replaced, even after stopping DNS server on the affected server and manually forcing the entries in the AD-Enabled DNS.

Identify the duplicate SPN To identify the duplicate SPN: Log on to the computer referenced in the event log message. Event Id 11 Kerberos-key-distribution-center Duplicate Names Type LDP and click OK. 3. In order to do this, first find which accounts have the duplicate SPNs and then delete one of them. https://technet.microsoft.com/en-us/library/cc733945(v=ws.10).aspx x 72 Anonymous I was seeing this error in my lab machines for multiple spns in the format cifs\.

I deleted the incorrect entry and the problem has been solved. Ds_service_principal_name Kerberos Kerberos Key Distribution Center Service Principal Name Configuration Service Principal Name Configuration Event ID 11 Event ID 11 Event ID 11 Event ID 11 Event ID 24 TOC Collapse the Deleting account in sub-domain fixed the problem. Event ID 11 — Service Principal Name Configuration Updated: November 30, 2007Applies To: Windows Server 2008 Service principal names (SPNs) are stored as a property of the associated account object in Active Directory Domain Services (AD DS).

Event Id 11 Kerberos-key-distribution-center Duplicate Names

Even with 5 minutes per server (to check the logs and other parameters), it may take an hour to make sure that everything is ok and no "red lights" are blinking navigate to this website I found out the problem from SCOM, and fixed it according to your instructions. Event Id 11 The Kdc Encountered Duplicate Names Flea2k Ars Tribunus Militum Registered: Oct 28, 2001Posts: 2037 Posted: Mon May 09, 2005 11:53 am Man for some reason I didn't realize that they were running under different accounts. Remove Duplicate Spn Mssqlsvc You must identify the duplicate SPN, and then remove it.

Verify which one of these entries is used to run the SQL Server. http://3ecommunications.net/event-id/sacl-watcher-servicelet-encountered-an-error-while-monitoring-sacl-change.html As per Microsoft: "There are two or more computer accounts that have the same service principal names (SPNs) registered".See ME321044 for more details. Related Management Information Service Principal Name Configuration Core Security Community Additions ADD Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful? All rights reserved. Remove The Duplicate Entries For Cifs In Active Directory

The idea is to search for the duplicate and remove it. Flea2k Ars Tribunus Militum Registered: Oct 28, 2001Posts: 2037 Posted: Mon May 09, 2005 10:19 am OK here is my results from a LDP query. From a newsgroup post: "We were receiving EventID 11 from source KDC because Microsoft Internet Information Services (IIS) was not enabled for both Kerberos and NTLM authentication. Check This Out Globally replaced my pc's name with the original DC's name, and rebooted.

Solution: Run the following command from a command prompt: ldifde -f check_SPN.txt -t 3268 -d "" -l servicePrincipalName -r "(servicePrincipalName=HOST/pc.domain.local*)" -p subtree Change the pc.domain.local with the name given in the Event Id 11 Disk x 67 Ander Taylor I was getting the following message: "There are multiple accounts with name MSSQLSvc/:1433 of type 10". Invalid operationTS79 on Cannot connect RemoteApp or Desktop Connection via the Connection BrokerPtochos on OfflineAddressBook, PublicFolderDatabase still points to old serverKai Thurfors on Event ID 10016, DistributedCOM: The application-specific permission settings

This may result in authentication failures or downgrades to NTLM.

At this point, a good 24 hours later, I have no more instances of this event showing up on my DCs. Administrators often remember the machine object but forget the DNS entry. 3. Click Start & select Run. 2. Setspn Duplicate Related Management Information Service Principal Name Configuration Core Security Community Additions ADD Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful?

Open the properties page of this DN and choose serverPrincipalName from the second listbox. Wrong, I always add SQL instances to AD upon initial config. Stats Reported 7 years ago 3 Comments 13,466 Views Other sources for 11 Disk crypt32 Microsoft-Windows-Wininit Microsoft-Windows-RPC-Events Microsoft-Windows-CAPI2 Credential Vault Host Storage Credential Vault Host Control Service Lsi_sas See More Others http://3ecommunications.net/event-id/the-kerberos-subsystem-encountered-a-pac-verification-failure-windows-2003.html The "Event ID: 11, Source: KDC, There are multiple accounts with name MSSQLSvc/UNITY1.Davison.local:1433 of type DS_SERVICE_PRINCIPAL_NAME." error message appears.This is the error in the Application event log:Event Type: ErrorEvent Source: KDCEvent

I followed Ander Taylor's post and on a hunch, I checked the old service account and the current computer account. We ran a script that propogated user accounts from an Excel file. Yes No Tell us more Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft

Do we just add an additional SPN for the Biztalk server to the SQLServ account or leave it, since SMS was already working fine and create a new service account for Flea2k Ars Tribunus Militum Registered: Oct 28, 2001Posts: 2037 Posted: Fri Apr 29, 2005 2:24 pm quote:if you have multiple SQL servers that will be using Windows Authentication you must have Invalid operation Azure AD Connect does not sync all users to Azure AD No certificate visible in the Exchange manage hybrid configuration wizard Cannot connect RemoteApp or Desktop Connection via the Event Details Product: Windows Operating System ID: 11 Source: Microsoft-Windows-Kerberos-Key-Distribution-Center Version: 6.0 Symbolic Name: KDCEVENT_NAME_NOT_UNIQUE Message: The KDC encountered duplicate names while processing a Kerberos authentication request.

Set the Base DN as DC=Home, DC=com. 11. http://support.microsoft.com/kb/321044 Add your comments on this Windows Event! Event ID: 11 Source: KDC Source: KDC Maintenance: Administration tasks for the maintenance of Active Directory. Join the community of 500,000 technology professionals and ask your questions.

Reply Click here to cancel reply. The content you requested has been removed. Leaving all fields blank, click OK. 7. Yes No Tell us more Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft

In the offending machine's case, the SQLSERVERAGENT and MSSQLSERVER services were running in the same user context as his SQL Administrator account (e.g. "SQUIRRELAdmin").