Drop Table
Support Forum for database administrators and web based access to important newsgroups related to databases
Multiple accounts with the name MSSQLSvc...Hi, Got a KDC Error with the following description: ==================== ==================== == Event Type: Error Event Source: KDC Event Category: None Event ID: 11 Date: 28-04-2005 Time: 2:01:01 User: N/A Computer: server Description: There are multiple accounts with name MSSQLSvc/server.domain.local:1433 of type DS_SERVICE_PRINCIPAL _NAME. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. ==================== ==================== == The LDP-tool gives the following results: ==================== ==================== == ***Searching... ldap_search_s(ld, "DC=domain,DC=local", 2, " serviceprincipalname =MSSQLSvc/server.domain.local:1433", attrList, 0, &msg) Result <0>: (null) Matched DNs: Getting 2 entries:[color=darkr ed] 4> objectClass: top; person; organizationalPerson ; user; 1> cn: Administrator; 1> description: Built-in account for administering the computer/domain; 1> distinguishedName: CN=Administrator,CN= Users,DC=domain,DC=l ocal; 1> name: Administrator; 1> canonicalName: domain.local/Users/ Administrator;[color =darkred] 5> objectClass: top; person; organizationalPerson ; user; computer; 1> cn: server; 1> distinguishedName: CN=server,OU=Domain Controllers,DC=domai n,DC=local; 1> name: server; 1> canonicalName: domain.local/Domain Controllers/server; ==================== ==================== == Can anyone explain me what I can do about this? Deleting one of the accounts is not an option I guess... I read that in some cases a computer or user should be unregistered en registered again but in this case I'm not so confident about it re-registring the Server itself or the administrator-account.. Any help on this is much appreciated. Michel Schuurman Omni Trade Automatisering B.V.
Post Follow-up to this message
Re: Multiple accounts with the name MSSQLSvc...Somebody setup the SPN for the service account on those machines, unfortunately the same SPN has been promoted more than one time. Jens Suessmeyer. "Michel Schuurman" <ms_remove_@omni-trade.nl> schrieb im Newsbeitrag news:uW9$Ad9SFHA.2172@tk2msftngp13.phx.gbl... > Hi, > > Got a KDC Error with the following description: > > ==================== ==================== == > Event Type: Error > Event Source: KDC > Event Category: None > Event ID: 11 > Date: 28-04-2005 > Time: 2:01:01 > User: N/A > Computer: server > Description: > There are multiple accounts with name MSSQLSvc/server.domain.local:1433 of > type DS_SERVICE_PRINCIPAL _NAME. > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > ==================== ==================== == > > > The LDP-tool gives the following results: > > ==================== ==================== == > ***Searching... > ldap_search_s(ld, "DC=domain,DC=local", 2, > " serviceprincipalname =MSSQLSvc/server.domain.local:1433", attrList, 0, > &msg) > Result <0>: (null) > Matched DNs: > Getting 2 entries: > 4> objectClass: top; person; organizationalPerson ; user; > 1> cn: Administrator; > 1> description: Built-in account for administering the computer/domain; > 1> distinguishedName: CN=Administrator,CN= Users,DC=domain,DC=l ocal; > 1> name: Administrator; > 1> canonicalName: domain.local/Users/Administrator; > 5> objectClass: top; person; organizationalPerson ; user; computer; > 1> cn: server; > 1> distinguishedName: CN=server,OU=Domain Controllers,DC=domai n,DC=local; > 1> name: server; > 1> canonicalName: domain.local/Domain Controllers/server; > ==================== ==================== == > > Can anyone explain me what I can do about this? Deleting one of the > accounts is not an option I guess... I read that in some cases a computer > or user should be unregistered en registered again but in this case I'm > not so confident about it re-registring the Server itself or the > administrator-account.. > > Any help on this is much appreciated. > > > > Michel Schuurman > > Omni Trade Automatisering B.V. >
Post Follow-up to this message Re: Multiple accounts with the name MSSQLSvc...The SPN should be registered under the account SQL is starting under, and ONLY that account. You can use the utility setspn to check for the existence of other spn's, delete the ones you don't want, and add the one you need. Please note...you are NOT deleting the ACCOUNT, but the Service Principle Name, which resides IN that user object. Here's an article with more info than you ever wanted to know about SQL and SPN's.: http://support.microsoft.com/defaul...kb;en-us;811889 but there are links to getting setspn in there. Donna Lambert "Jens Süßmeyer" wrote: > Somebody setup the SPN for the service account on those machines, > unfortunately the same SPN has been promoted more than one time. > > Jens Suessmeyer. > > > "Michel Schuurman" <ms_remove_@omni-trade.nl> schrieb im Newsbeitrag > news:uW9$Ad9SFHA.2172@tk2msftngp13.phx.gbl... > > >
Post Follow-up to this message
Sponsored Links
Show a Printable Version
Email This Page to Someone!
Receive updates to this thread
