| Hi,
|
| I have 31 DCs in multiple locations connected via WAN
| link of 64/128 Kb. Recently the DCs received the EV error
| below :
|
| Event Type: Error
| Event Source: KDC
| Event Category: None
| Event ID: 11
| Date: 23/12/2003
| Time: 09:03:01
| User: N/A
| Computer: SRVDOMINIO
| Description:
| There are multiple accounts with name
| cifs/L056NT01.livrariasaraiva.com.br of type 10.
|
|
| I did not found any articles in KB about this error.
| Have anybody received this error too ?
|
| TIA,
|
| Rodrigo Varella
| IT Manager
| Livraria e Papelaria Saraiva S/A
|
Rodrigo,
You have two or more computer accounts that have the same service principle
names (SPNs) registered. There are a few methods you can use to locate the
machine accounts:
Method 1
--------
NOTE: If you do not have the Windows 2000 support tools installed, install
them from the Windows 2000 CD-ROM before proceeding. (The Setup executable
file for the support tools is located on the CD-ROM in the Support\Tools
folder. The installation does not require you to restart the computer, but
you may have to restart the computer so that the environment variables are
updated.
1. Click Start, and then click Run.
2. Type "LDP" (without the quotation marks), and then click OK.
3. Click Connection, and then click Connect.
4. Leave the default settings, and then click OK.
5. Click Connection, and then click Bind.
6. Leave the default settings, and then click OK.
7. Click View, and then click Tree.
8. In the Tree View dialog box, type "DC=<YourDomain>,DC=com" (without
the quotation marks) in the BaseDN box, where <YourDomain> is your
domain.
9. Click Browse, and then click Search.
10. In the Search dialog box, type DC=<YourDomain>,DC=com in the BaseDN
box.
11. In the Search dialog box, type
"(<serviceprincipalname>=HOST/<mycomputer.mydomain>.com )" (without the
quotation marks) in the Filter box. If the service principal name that
is referred to in the error in the system log is different from this
example here, type the service principal name that the error refers to.
12. Under Scope, click Subtree.
13. Click Run.
Method 2
--------
Use the Ldifde utility to dump the machine accounts for the domain, or from
the suspected container or OU:
1. From the domain controller, open a command prompt, and then type the
following string:
"ldifde -f computers.txt -d "dc=centerpoint-prop,dc=com" -r
"(objectclass=computer)" -p subtree" (without the quotation marks)
(NOTE: If the machines that seem to have the duplicate SPNs are located in
a certain OU (for example, Florida), you can refine the base dn, for
example: "-d "ou=florida,dc=mydomain,dc=com"" (without the quotation
marks).
2. Open the text file in Notepad, and then search for the SPN that is
reported in the event log.
3. Note the machine accounts under which the SPN is located.
When you have located the computers that have the duplicate SPNs, you can
either delete the machine account from the domain, disjoin and rejoin the
machine to the domain, or you can use ADSIEdit to correct the SPN on the
computer that has the incorrect SPN.
ADSIEdit
--------
In most cases, the computers have unique names, for example: machine1 and
machine2.
The SPN that is reported as duplicate may be HOST/machine1.mydomain.com.
With ADSIEdit, you can edit the SPN list on machine2 to delete the
duplicate SPN (HOST/machine1.mydomain.com), add the correct SPN
(HOST/machine2.mydomain.com), and then allow it to replicate to your other
domain controllers.
Chad A. Lacy
Windows 2000 Directory Services
==================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================
This posting is provided "AS IS" with no warranties, and confers no rights.
