Error 11, Source KDC on DC

L · Aug 6, 2003

Hi,

I have a DC which system log enter error 11, source KDC
every hour. The exact body of the message is a follows.

There are multiple accounts with name
cifs/servername.vhb.com of type 10. Or it will have
host/servername.vhb.com of type 10.

I can't find any documentation on Microsoft or any where
esle. Can someone help me...

Thanks.....

Charleta McKoy [MSFT] · Aug 6, 2003

This event is usually pointing out duplicate SPNs. In other words, there are
two or more computer accounts that have the same service principal names
(SPNs) registered.

The best way to resolve this issue is to use LDP or LDIFDE to locate the
machine accounts that have the duplicate SPNs. When you have located the
computers that have the duplicate SPNs, you can either delete the machine
account from the domain, disjoin and rejoin the machine to the domain, or
you can use ADSIEdit to correct the SPN on the computer that has the
incorrect SPN.

A sample ldifde command:
"ldifde -f computers.txt -d "dc=centerpoint-prop,dc=com" -r
"(objectclass=computer)" -p subtree" (without the quotation marks)

Error 11, Source KDC on DC

L

Charleta McKoy [MSFT]