Announcement

Collapse
No announcement yet.

KDC Event ID #11

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • KDC Event ID #11

    I am getting the following error every hour in my event log.



    I have tried the following fixs by Microsoft but it reports no SPN's

    http://support.microsoft.com/kb/321044

    This is a Windows 2003 SBS w/ SP2 installed

    Backup Exec 11d & BES both run on this box

    SQL 2005 is installed, MSDE is used for BES

    Any ideas?
    Be easy on me, I'm here to learn

  • #2
    Re: KDC Event ID #11

    BES is Blackberry Enterprise Server ?
    I think it will have something to do with the BlackBerry user you must have created before install BES on SBS ... probably you have same use rnames for SQL and the BES server?

    just guessing ..

    Comment


    • #3
      Re: KDC Event ID #11

      Originally posted by abakus View Post
      BES is Blackberry Enterprise Server ?
      Yes you are correct

      Originally posted by abakus View Post
      I think it will have something to do with the BlackBerry user you must have created before install BES on SBS ... probably you have same use rnames for SQL and the BES server?

      just guessing ..
      Nope
      Be easy on me, I'm here to learn

      Comment


      • #4
        Re: KDC Event ID #11

        maybe here you will find answer to your problem

        ;;;;;;;;;;;;;;;;;;;;;
        This problem occurs because two or more computer accounts have the same
        service principal name (SPN) registered. Event ID 11 is logged when the Key
        Distribution Center (KDC) receives a ticket request, and the related SPN
        exists more than one time when it is checked on the global catalog (GC) for
        verification.
        To resolve this problem, locate the computer accounts that have the
        duplicate SPNs. When you have located the computers that have the duplicate
        SPNs, you can either delete the computer account from the domain, disjoin
        and rejoin the computer to the domain, or you can use ADSIEdit to correct
        the SPN on the computer that has the incorrect SPN.

        To locate the computer accounts that have the duplicate SPNs, use one of
        the following methods.
        Method 1: Use the LDP support tool
        1. Click Start , click Run , type LDP , and then click OK .
        2. Click Connection , and then click Connect .
        3. Leave the default settings, and then click OK .
        Note If you do not receive the expected result, try another search by using
        the Global Catalog Port (326 instead of the default setting (389).
        4. Click Connection , and then click Bind .
        5. Leave the default settings, and then click OK .
        6. Click View , and then click Tree .
        7. In the Tree View dialog box, type DC= YourDomain ,DC=com in the
        BaseDN box, where YourDomain is your domain.
        8. Click Browse , and then click Search .
        9. In the Search dialog box, type DC= YourDomain ,DC=com in the BaseDN
        box.
        10. In the Search dialog box, type ( serviceprincipalname =HOST/
        mycomputer.mydomain .com)
        in the Filter box. If the service principal name that is referred to in the
        error in the System log differs from this example, type the service
        principal name to which the error refers.

        Note If you do not receive the expected result, try searching for " HOST/"
        as opposed to searching only for the exact SPN in the event ID.
        11. Under Scope , click Subtree .
        12. Click Run .

        If this result is not what we expect, please try the followings.
        Method 2:

        Use the querySpn.vbs script in the following Microsoft TechNet article. To
        use the script, copy the code, paste it into Notepad, and then save the
        script as querySpn.vbs.
        http://www.microsoft.com/technet/scr.../spnquery.mspx
        Run the script by using the following command:
        cscript spnquery.vbs HOST/mycomputer* >check_SPN.txt


        Also, you can use setspn tool to locate duplicate SPN. You can refer to

        Setspn Overview
        http://technet2.microsoft.com/Window...1-7ff0-4f6f-87
        d2-f2e70294a5761033.mspx

        Hope this helps.

        Sincerely
        Morgan Che
        Microsoft Online Support
        Microsoft Global Technical Support Center

        Get Secure! - www.microsoft.com/security
        ================================================== ===
        When responding to posts, please "Reply to Group" via your newsreader so
        that others may learn and benefit from your issue.
        ================================================== ===
        This posting is provided "AS IS" with no warranties, and confers no rights.
        Last edited by abakus; 16th October 2008, 17:47.

        Comment


        • #5
          Re: KDC Event ID #11

          Originally posted by abakus View Post
          maybe here you will find answer to your problem

          ;;;;;;;;;;;;;;;;;;;;;
          This problem occurs because two or more computer accounts have the same
          service principal name (SPN) registered. Event ID 11 is logged when the Key
          Distribution Center (KDC) receives a ticket request, and the related SPN
          exists more than one time when it is checked on the global catalog (GC) for
          verification.
          To resolve this problem, locate the computer accounts that have the
          duplicate SPNs. When you have located the computers that have the duplicate
          SPNs, you can either delete the computer account from the domain, disjoin
          and rejoin the computer to the domain, or you can use ADSIEdit to correct
          the SPN on the computer that has the incorrect SPN.

          To locate the computer accounts that have the duplicate SPNs, use one of
          the following methods.
          Method 1: Use the LDP support tool
          1. Click Start , click Run , type LDP , and then click OK .
          2. Click Connection , and then click Connect .
          3. Leave the default settings, and then click OK .
          Note If you do not receive the expected result, try another search by using
          the Global Catalog Port (326 instead of the default setting (389).
          4. Click Connection , and then click Bind .
          5. Leave the default settings, and then click OK .
          6. Click View , and then click Tree .
          7. In the Tree View dialog box, type DC= YourDomain ,DC=com in the
          BaseDN box, where YourDomain is your domain.
          8. Click Browse , and then click Search .
          9. In the Search dialog box, type DC= YourDomain ,DC=com in the BaseDN
          box.
          10. In the Search dialog box, type ( serviceprincipalname =HOST/
          mycomputer.mydomain .com)
          in the Filter box. If the service principal name that is referred to in the
          error in the System log differs from this example, type the service
          principal name to which the error refers.

          Note If you do not receive the expected result, try searching for " HOST/"
          as opposed to searching only for the exact SPN in the event ID.
          11. Under Scope , click Subtree .
          12. Click Run .

          If this result is not what we expect, please try the followings.
          Method 2:

          Use the querySpn.vbs script in the following Microsoft TechNet article. To
          use the script, copy the code, paste it into Notepad, and then save the
          script as querySpn.vbs.
          http://www.microsoft.com/technet/scr.../spnquery.mspx
          Run the script by using the following command:
          cscript spnquery.vbs HOST/mycomputer* >check_SPN.txt


          Also, you can use setspn tool to locate duplicate SPN. You can refer to

          Setspn Overview
          http://technet2.microsoft.com/Window...1-7ff0-4f6f-87
          d2-f2e70294a5761033.mspx

          Hope this helps.

          Sincerely
          Morgan Che
          Microsoft Online Support
          Microsoft Global Technical Support Center

          Get Secure! - www.microsoft.com/security
          ================================================== ===
          When responding to posts, please "Reply to Group" via your newsreader so
          that others may learn and benefit from your issue.
          ================================================== ===
          This posting is provided "AS IS" with no warranties, and confers no rights.

          Did you read my first post?
          Be easy on me, I'm here to learn

          Comment


          • #6
            Re: KDC Event ID #11

            See if this helps:
            http://eventid.net/display.asp?event...ce=KDC&phase=1
            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: KDC Event ID #11

              yea I checked that
              Be easy on me, I'm here to learn

              Comment

              Working...
              X