|
sql
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
KDC ProblemA while back I started getting KDC errors in my System log on my domain controller. The error is: Event Type: Error Event Source: KDC Event Category: None Event ID: 11 Date: 3/16/2005 Time: 9:34:08 AM User: N/A Computer: TPADC1 Description: There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of type 10. After researching this I did a "ldifde" dump of the active directory database and then searched the dump and found a double entry for "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the domain admins accounts. Since this appeared to be a duplicate I decided to delete it. Within a few minutes I had problems with connections to SQL. I put it back right away and then everything was working fine again. Obviously the SQL server has some kind of a link to this.... I have done some searching but have not found anything on it. Does anyone have any suggestions on cleaning this up? Harrison Midkiff Have a look at http://support.microsoft.com/default.aspx?scid=kb;en-us;321044
Peter "Do not awake the sleeping dragon for you are crunchy and taste good with ketchup". Peter The Spate Show quote "Harrison Midkiff" wrote: > Hello: > > A while back I started getting KDC errors in my System log on my domain > controller. The error is: > > Event Type: Error > Event Source: KDC > Event Category: None > Event ID: 11 > Date: 3/16/2005 > Time: 9:34:08 AM > User: N/A > Computer: TPADC1 > Description: > There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of > type 10. > > After researching this I did a "ldifde" dump of the active directory > database and then searched the dump and found a double entry for > "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the > domain admins accounts. Since this appeared to be a duplicate I decided to > delete it. Within a few minutes I had problems with connections to SQL. I > put it back right away and then everything was working fine again. > Obviously the SQL server has some kind of a link to this.... > > I have done some searching but have not found anything on it. Does anyone > have any suggestions on cleaning this up? > > Harrison Midkiff > > > Peter:
Thanks for replying to my post. This is the article I followed which allowed me to find the duplicate but is was on a user account not a computer account. I think perhaps SQL has something in it hard coded to reference this user account. Any suggestions welcome... Harrison Midkiff "Peter 'Not Peter The Spate' Nolan" <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message Show quote news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... > Have a look at > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 > > Peter > > "Do not awake the sleeping dragon for you are crunchy and taste good with > ketchup". > Peter The Spate > > "Harrison Midkiff" wrote: > >> Hello: >> >> A while back I started getting KDC errors in my System log on my domain >> controller. The error is: >> >> Event Type: Error >> Event Source: KDC >> Event Category: None >> Event ID: 11 >> Date: 3/16/2005 >> Time: 9:34:08 AM >> User: N/A >> Computer: TPADC1 >> Description: >> There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of >> type 10. >> >> After researching this I did a "ldifde" dump of the active directory >> database and then searched the dump and found a double entry for >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the >> domain admins accounts. Since this appeared to be a duplicate I decided >> to >> delete it. Within a few minutes I had problems with connections to SQL. >> I >> put it back right away and then everything was working fine again. >> Obviously the SQL server has some kind of a link to this.... >> >> I have done some searching but have not found anything on it. Does >> anyone >> have any suggestions on cleaning this up? >> >> Harrison Midkiff >> >> >> try with setspn tool
or 1. use adsiedit.msc and show servicePrincipalName for your sql server (computer account) 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" delete duplicated spn -- -- "Within a few minutes I had problems with connections to SQL. " what??? error message?? Show quote "Harrison Midkiff" wrote: > Peter: > > Thanks for replying to my post. > > This is the article I followed which allowed me to find the duplicate but is > was on a user account not a computer account. I think perhaps SQL has > something in it hard coded to reference this user account. > > Any suggestions welcome... > > Harrison Midkiff > "Peter 'Not Peter The Spate' Nolan" > <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message > news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... > > Have a look at > > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 > > > > Peter > > > > "Do not awake the sleeping dragon for you are crunchy and taste good with > > ketchup". > > Peter The Spate > > > > "Harrison Midkiff" wrote: > > > >> Hello: > >> > >> A while back I started getting KDC errors in my System log on my domain > >> controller. The error is: > >> > >> Event Type: Error > >> Event Source: KDC > >> Event Category: None > >> Event ID: 11 > >> Date: 3/16/2005 > >> Time: 9:34:08 AM > >> User: N/A > >> Computer: TPADC1 > >> Description: > >> There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of > >> type 10. > >> > >> After researching this I did a "ldifde" dump of the active directory > >> database and then searched the dump and found a double entry for > >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the > >> domain admins accounts. Since this appeared to be a duplicate I decided > >> to > >> delete it. Within a few minutes I had problems with connections to SQL. > >> I > >> put it back right away and then everything was working fine again. > >> Obviously the SQL server has some kind of a link to this.... > >> > >> I have done some searching but have not found anything on it. Does > >> anyone > >> have any suggestions on cleaning this up? > >> > >> Harrison Midkiff > >> > >> > >> > > > Aleksandar:
Thanks for replying to my post. The error which was appearing on the SQL Enterprise Manager was, "Unable to initialize SSPI context". Any suggestions? Harrison Midkiff Show quote "Aleksandar Grbic" <AleksandarGr***@discussions.microsoft.com> wrote in message news:3DA4EE90-C742-482D-B063-C81B448C47E1@microsoft.com... > try with setspn tool > > or > > 1. use adsiedit.msc and show servicePrincipalName for your sql server > (computer account) > > 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" > delete duplicated spn > > -- -- "Within a few minutes I had problems with connections to SQL. " > what??? error message?? > > > > > "Harrison Midkiff" wrote: > >> Peter: >> >> Thanks for replying to my post. >> >> This is the article I followed which allowed me to find the duplicate but is >> was on a user account not a computer account. I think perhaps SQL has >> something in it hard coded to reference this user account. >> >> Any suggestions welcome... >> >> Harrison Midkiff >> "Peter 'Not Peter The Spate' Nolan" >> <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message >> news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... >> > Have a look at >> > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 >> > >> > Peter >> > >> > "Do not awake the sleeping dragon for you are crunchy and taste good with >> > ketchup". >> > Peter The Spate >> > >> > "Harrison Midkiff" wrote: >> > >> >> Hello: >> >> >> >> A while back I started getting KDC errors in my System log on my domain >> >> controller. The error is: >> >> >> >> Event Type: Error >> >> Event Source: KDC >> >> Event Category: None >> >> Event ID: 11 >> >> Date: 3/16/2005 >> >> Time: 9:34:08 AM >> >> User: N/A >> >> Computer: TPADC1 >> >> Description: >> >> There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of >> >> type 10. >> >> >> >> After researching this I did a "ldifde" dump of the active directory >> >> database and then searched the dump and found a double entry for >> >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the >> >> domain admins accounts. Since this appeared to be a duplicate I decided >> >> to >> >> delete it. Within a few minutes I had problems with connections to SQL. >> >> I >> >> put it back right away and then everything was working fine again. >> >> Obviously the SQL server has some kind of a link to this.... >> >> >> >> I have done some searching but have not found anything on it. Does >> >> anyone >> >> have any suggestions on cleaning this up? >> >> >> >> Harrison Midkiff >> >> >> >> >> >> >> >> >> Hi Harrison,
You may want to restart the SQL Server service after you have removed the duplicate SPN. If the SPN is re-added, remove the other SPN and then restart the SQL Server service. Feel free to let me know if this resolves your problem. Sincerely, William Wang Microsoft Online Partner Support When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- >Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> >From: "Harrison Midkiff" <HMidk***@aviinc.com> >References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> Show quote >Subject: Re: KDC Problem TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP0>Date: Thu, 17 Mar 2005 13:03:45 -0500 >Lines: 254 >Organization: Audio Visual Innovations, Inc. >MIME-Version: 1.0 >Content-Type: multipart/alternative; > boundary="----=_NextPart_000_012E_01C52AF1.C085DB50" >X-Priority: 3 >X-MSMail-Priority: Normal >X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >Message-ID: <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> >Newsgroups: microsoft.public.sqlserver.server >NNTP-Posting-Host: 208.5.55.183 >Path: 9.phx.gbl >Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382241 to initialize SSPI context".>X-Tomcat-NG: microsoft.public.sqlserver.server > >Aleksandar: >Thanks for replying to my post. >The error which was appearing on the SQL Enterprise Manager was, "Unable Show quote >Any suggestions? what??? error message??>Harrison Midkiff >"Aleksandar Grbic" <AleksandarGr***@discussions.microsoft.com> wrote in message news:3DA4EE90-C742-482D-B063-C81B448C47E1@microsoft.com... >> try with setspn tool >> >> or >> >> 1. use adsiedit.msc and show servicePrincipalName for your sql server > (computer account) >> >> 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" >> delete duplicated spn >> >> -- -- "Within a few minutes I had problems with connections to SQL. " > Show quote >> MSSQLSvc/elvis.aviinc.local:1433 of>> >> >> >> "Harrison Midkiff" wrote: >> >>> Peter: >>> >>> Thanks for replying to my post. >>> >>> This is the article I followed which allowed me to find the duplicate but is >>> was on a user account not a computer account. I think perhaps SQL has >>> something in it hard coded to reference this user account. >>> >>> Any suggestions welcome... >>> >>> Harrison Midkiff >>> "Peter 'Not Peter The Spate' Nolan" >>> <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message >>> news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... >>> > Have a look at >>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 >>> > >>> > Peter >>> > >>> > "Do not awake the sleeping dragon for you are crunchy and taste good with >>> > ketchup". >>> > Peter The Spate >>> > >>> > "Harrison Midkiff" wrote: >>> > >>> >> Hello: >>> >> >>> >> A while back I started getting KDC errors in my System log on my domain >>> >> controller. The error is: >>> >> >>> >> Event Type: Error >>> >> Event Source: KDC >>> >> Event Category: None >>> >> Event ID: 11 >>> >> Date: 3/16/2005 >>> >> Time: 9:34:08 AM >>> >> User: N/A >>> >> Computer: TPADC1 >>> >> Description: >>> >> There are multiple accounts with name Show quote >>> >> type 10. >>> >> >>> >> After researching this I did a "ldifde" dump of the active directory >>> >> database and then searched the dump and found a double entry for >>> >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the >>> >> domain admins accounts. Since this appeared to be a duplicate I decided >>> >> to >>> >> delete it. Within a few minutes I had problems with connections to SQL. >>> >> I >>> >> put it back right away and then everything was working fine again. >>> >> Obviously the SQL server has some kind of a link to this.... >>> >> >>> >> I have done some searching but have not found anything on it. Does >>> >> anyone >>> >> have any suggestions on cleaning this up? >>> >> >>> >> Harrison Midkiff >>> >> >>> >> >>> >> >>> >>> >>> > William:
Thanks for replying to my post. Do you know of any tech net articles which may explain this behavior. The reason I ask is due to the sensitive nature of SQL we are going to have a meeting before we attempt any changes. Thanks. Harrison Midkiff Show quote "William Wang[MSFT]" <v-rxw***@online.microsoft.com> wrote in message news:lcT4rWsLFHA.1376@TK2MSFTNGXA02.phx.gbl... > Hi Harrison, > > You may want to restart the SQL Server service after you have removed the > duplicate SPN. If the SPN is re-added, remove the other SPN and then > restart the SQL Server service. > > Feel free to let me know if this resolves your problem. > > Sincerely, > > William Wang > Microsoft Online Partner Support > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > This posting is provided "AS IS" with no warranties, and confers no > rights. > > -------------------- >>Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> >>From: "Harrison Midkiff" <HMidk***@aviinc.com> >>References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> > <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> > <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> > <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> >>Subject: Re: KDC Problem >>Date: Thu, 17 Mar 2005 13:03:45 -0500 >>Lines: 254 >>Organization: Audio Visual Innovations, Inc. >>MIME-Version: 1.0 >>Content-Type: multipart/alternative; >> boundary="----=_NextPart_000_012E_01C52AF1.C085DB50" >>X-Priority: 3 >>X-MSMail-Priority: Normal >>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >>Message-ID: <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> >>Newsgroups: microsoft.public.sqlserver.server >>NNTP-Posting-Host: 208.5.55.183 >>Path: > TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP0 > 9.phx.gbl >>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382241 >>X-Tomcat-NG: microsoft.public.sqlserver.server >> >>Aleksandar: >>Thanks for replying to my post. >>The error which was appearing on the SQL Enterprise Manager was, "Unable > to initialize SSPI context". >>Any suggestions? >>Harrison Midkiff >>"Aleksandar Grbic" <AleksandarGr***@discussions.microsoft.com> wrote in > message news:3DA4EE90-C742-482D-B063-C81B448C47E1@microsoft.com... >>> try with setspn tool >>> >>> or >>> >>> 1. use adsiedit.msc and show servicePrincipalName for your sql server > > (computer account) >>> >>> 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" >>> delete duplicated spn >>> >>> -- -- "Within a few minutes I had problems with connections to SQL. " > > what??? error message?? >>> >>> >>> >>> >>> "Harrison Midkiff" wrote: >>> >>>> Peter: >>>> >>>> Thanks for replying to my post. >>>> >>>> This is the article I followed which allowed me to find the duplicate > but is >>>> was on a user account not a computer account. I think perhaps SQL has >>>> something in it hard coded to reference this user account. >>>> >>>> Any suggestions welcome... >>>> >>>> Harrison Midkiff >>>> "Peter 'Not Peter The Spate' Nolan" >>>> <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message >>>> news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... >>>> > Have a look at >>>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 >>>> > >>>> > Peter >>>> > >>>> > "Do not awake the sleeping dragon for you are crunchy and taste good > with >>>> > ketchup". >>>> > Peter The Spate >>>> > >>>> > "Harrison Midkiff" wrote: >>>> > >>>> >> Hello: >>>> >> >>>> >> A while back I started getting KDC errors in my System log on my > domain >>>> >> controller. The error is: >>>> >> >>>> >> Event Type: Error >>>> >> Event Source: KDC >>>> >> Event Category: None >>>> >> Event ID: 11 >>>> >> Date: 3/16/2005 >>>> >> Time: 9:34:08 AM >>>> >> User: N/A >>>> >> Computer: TPADC1 >>>> >> Description: >>>> >> There are multiple accounts with name > MSSQLSvc/elvis.aviinc.local:1433 of >>>> >> type 10. >>>> >> >>>> >> After researching this I did a "ldifde" dump of the active directory >>>> >> database and then searched the dump and found a double entry for >>>> >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of > the >>>> >> domain admins accounts. Since this appeared to be a duplicate I > decided >>>> >> to >>>> >> delete it. Within a few minutes I had problems with connections to > SQL. >>>> >> I >>>> >> put it back right away and then everything was working fine again. >>>> >> Obviously the SQL server has some kind of a link to this.... >>>> >> >>>> >> I have done some searching but have not found anything on it. Does >>>> >> anyone >>>> >> have any suggestions on cleaning this up? >>>> >> >>>> >> Harrison Midkiff >>>> >> >>>> >> >>>> >> >>>> >>>> >>>> >> > Hi Harrison,
The relevent articles I could find are: 305971 Windows 2000 Server Prompts Domain User for Credentials http://support.microsoft.com/?id=305971 811889 HOW TO: Troubleshoot the "Cannot Generate SSPI Context" Error Message http://support.microsoft.com/?id=811889 HTH! Sincerely, William Wang Microsoft Online Partner Support When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- >Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> >From: "Harrison Midkiff" <HMidk***@aviinc.com> >References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> <lcT4rWsLFHA.1***@TK2MSFTNGXA02.phx.gbl> >Subject: Re: KDC Problem TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP1>Date: Wed, 23 Mar 2005 08:32:22 -0500 >Lines: 155 >Organization: Audio Visual Innovations, Inc. >X-Priority: 3 >X-MSMail-Priority: Normal >X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 >X-RFC2646: Format=Flowed; Original >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >Message-ID: <Oi9BAz6LFHA.3***@TK2MSFTNGP14.phx.gbl> >Newsgroups: microsoft.public.sqlserver.server >NNTP-Posting-Host: 208.5.55.190 >Path: 4.phx.gbl Show quote >Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382949 TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP0>X-Tomcat-NG: microsoft.public.sqlserver.server > >William: > >Thanks for replying to my post. Do you know of any tech net articles which >may explain this behavior. The reason I ask is due to the sensitive nature >of SQL we are going to have a meeting before we attempt any changes. >Thanks. > >Harrison Midkiff >"William Wang[MSFT]" <v-rxw***@online.microsoft.com> wrote in message >news:lcT4rWsLFHA.1376@TK2MSFTNGXA02.phx.gbl... >> Hi Harrison, >> >> You may want to restart the SQL Server service after you have removed the >> duplicate SPN. If the SPN is re-added, remove the other SPN and then >> restart the SQL Server service. >> >> Feel free to let me know if this resolves your problem. >> >> Sincerely, >> >> William Wang >> Microsoft Online Partner Support >> >> When responding to posts, please "Reply to Group" via your newsreader so >> that others may learn and benefit from your issue. >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> >> -------------------- >>>Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> >>>From: "Harrison Midkiff" <HMidk***@aviinc.com> >>>References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> >> <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> >> <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> >> <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> >>>Subject: Re: KDC Problem >>>Date: Thu, 17 Mar 2005 13:03:45 -0500 >>>Lines: 254 >>>Organization: Audio Visual Innovations, Inc. >>>MIME-Version: 1.0 >>>Content-Type: multipart/alternative; >>> boundary="----=_NextPart_000_012E_01C52AF1.C085DB50" >>>X-Priority: 3 >>>X-MSMail-Priority: Normal >>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 >>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 >>>Message-ID: <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> >>>Newsgroups: microsoft.public.sqlserver.server >>>NNTP-Posting-Host: 208.5.55.183 >>>Path: >> Show quote >> 9.phx.gbl >>>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382241 >>>X-Tomcat-NG: microsoft.public.sqlserver.server >>> >>>Aleksandar: >>>Thanks for replying to my post. >>>The error which was appearing on the SQL Enterprise Manager was, "Unable >> to initialize SSPI context". >>>Any suggestions? >>>Harrison Midkiff >>>"Aleksandar Grbic" <AleksandarGr***@discussions.microsoft.com> wrote in >> message news:3DA4EE90-C742-482D-B063-C81B448C47E1@microsoft.com... >>>> try with setspn tool >>>> >>>> or >>>> >>>> 1. use adsiedit.msc and show servicePrincipalName for your sql server > >> (computer account) >>>> >>>> 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" >>>> delete duplicated spn >>>> >>>> -- -- "Within a few minutes I had problems with connections to SQL. " > >> what??? error message?? >>>> >>>> >>>> >>>> >>>> "Harrison Midkiff" wrote: >>>> >>>>> Peter: >>>>> >>>>> Thanks for replying to my post. >>>>> >>>>> This is the article I followed which allowed me to find the duplicate >> but is >>>>> was on a user account not a computer account. I think perhaps SQL has >>>>> something in it hard coded to reference this user account. >>>>> >>>>> Any suggestions welcome... >>>>> >>>>> Harrison Midkiff >>>>> "Peter 'Not Peter The Spate' Nolan" >>>>> <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in message >>>>> news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... >>>>> > Have a look at >>>>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 >>>>> > >>>>> > Peter >>>>> > >>>>> > "Do not awake the sleeping dragon for you are crunchy and taste good >> with >>>>> > ketchup". >>>>> > Peter The Spate >>>>> > >>>>> > "Harrison Midkiff" wrote: >>>>> > >>>>> >> Hello: >>>>> >> >>>>> >> A while back I started getting KDC errors in my System log on my >> domain >>>>> >> controller. The error is: >>>>> >> >>>>> >> Event Type: Error >>>>> >> Event Source: KDC >>>>> >> Event Category: None >>>>> >> Event ID: 11 >>>>> >> Date: 3/16/2005 >>>>> >> Time: 9:34:08 AM >>>>> >> User: N/A >>>>> >> Computer: TPADC1 >>>>> >> Description: >>>>> >> There are multiple accounts with name >> MSSQLSvc/elvis.aviinc.local:1433 of >>>>> >> type 10. >>>>> >> >>>>> >> After researching this I did a "ldifde" dump of the active directory >>>>> >> database and then searched the dump and found a double entry for >>>>> >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of >> the >>>>> >> domain admins accounts. Since this appeared to be a duplicate I >> decided >>>>> >> to >>>>> >> delete it. Within a few minutes I had problems with connections to >> SQL. >>>>> >> I >>>>> >> put it back right away and then everything was working fine again. >>>>> >> Obviously the SQL server has some kind of a link to this.... >>>>> >> >>>>> >> I have done some searching but have not found anything on it. Does >>>>> >> anyone >>>>> >> have any suggestions on cleaning this up? >>>>> >> >>>>> >> Harrison Midkiff >>>>> >> >>>>> >> >>>>> >> >>>>> >>>>> >>>>> >>> >> > > > Hi William,
I was reading the messages posted by Harrison, it seems tobe that he has the same problem than me, i used ldp.exe and i could find this accounts: ldap_search_s(ld, "dc=dinamica,dc=com,dc=co", 2, "serviceprincipalname=MSSQLSvc/ns.dinamica.com.co:1433", attrList, 0, &msg) Result <0>: (null) Matched DNs: Getting 2 entries: >> Dn: CN=Administrator,CN=Users,DC=dinamica,DC=com,DC=co 1> canonicalName: dinamica.com.co/Users/Administrator; 1> cn: Administrator; 1> description: Built-in account for administering the computer/domain; 1> distinguishedName: CN=Administrator,CN=Users,DC=dinamica,DC=com,DC=co; 4> objectClass: top; person; organizationalPerson; user; 1> name: Administrator; >> Dn: CN=NS,OU=Domain Controllers,DC=dinamica,DC=com,DC=co 1> canonicalName: dinamica.com.co/Domain Controllers/NS; 1> cn: NS; 1> distinguishedName: CN=NS,OU=Domain Controllers,DC=dinamica,DC=com,DC=co; 5> objectClass: top; person; organizationalPerson; user; computer; 1> name: NS; I have found two accounts, Administrator who is an user account, and the other account is a computer account called NS, but NS is the name of the server where SQL Server is running. What should i do? I hope you can help. Thanks Javier Espinosa Show quote "William Wang[MSFT]" wrote: > Hi Harrison, > > The relevent articles I could find are: > > 305971 Windows 2000 Server Prompts Domain User for Credentials > http://support.microsoft.com/?id=305971 > > 811889 HOW TO: Troubleshoot the "Cannot Generate SSPI Context" Error Message > http://support.microsoft.com/?id=811889 > > HTH! > > Sincerely, > > William Wang > Microsoft Online Partner Support > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > This posting is provided "AS IS" with no warranties, and confers no rights. > > -------------------- > >Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> > >From: "Harrison Midkiff" <HMidk***@aviinc.com> > >References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> > <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> > <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> > <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> > <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> > <lcT4rWsLFHA.1***@TK2MSFTNGXA02.phx.gbl> > >Subject: Re: KDC Problem > >Date: Wed, 23 Mar 2005 08:32:22 -0500 > >Lines: 155 > >Organization: Audio Visual Innovations, Inc. > >X-Priority: 3 > >X-MSMail-Priority: Normal > >X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 > >X-RFC2646: Format=Flowed; Original > >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 > >Message-ID: <Oi9BAz6LFHA.3***@TK2MSFTNGP14.phx.gbl> > >Newsgroups: microsoft.public.sqlserver.server > >NNTP-Posting-Host: 208.5.55.190 > >Path: > TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP1 > 4.phx.gbl > >Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382949 > >X-Tomcat-NG: microsoft.public.sqlserver.server > > > >William: > > > >Thanks for replying to my post. Do you know of any tech net articles > which > >may explain this behavior. The reason I ask is due to the sensitive > nature > >of SQL we are going to have a meeting before we attempt any changes. > >Thanks. > > > >Harrison Midkiff > >"William Wang[MSFT]" <v-rxw***@online.microsoft.com> wrote in message > >news:lcT4rWsLFHA.1376@TK2MSFTNGXA02.phx.gbl... > >> Hi Harrison, > >> > >> You may want to restart the SQL Server service after you have removed the > >> duplicate SPN. If the SPN is re-added, remove the other SPN and then > >> restart the SQL Server service. > >> > >> Feel free to let me know if this resolves your problem. > >> > >> Sincerely, > >> > >> William Wang > >> Microsoft Online Partner Support > >> > >> When responding to posts, please "Reply to Group" via your newsreader so > >> that others may learn and benefit from your issue. > >> This posting is provided "AS IS" with no warranties, and confers no > >> rights. > >> > >> -------------------- > >>>Reply-To: "Harrison Midkiff" <HMidk***@aviinc.com> > >>>From: "Harrison Midkiff" <HMidk***@aviinc.com> > >>>References: <uHsGc7jKFHA.2***@tk2msftngp13.phx.gbl> > >> <AEC55981-252F-4AF5-B46A-BCC8C71F3***@microsoft.com> > >> <#mEsdElKFHA.***@TK2MSFTNGP10.phx.gbl> > >> <3DA4EE90-C742-482D-B063-C81B448C4***@microsoft.com> > >>>Subject: Re: KDC Problem > >>>Date: Thu, 17 Mar 2005 13:03:45 -0500 > >>>Lines: 254 > >>>Organization: Audio Visual Innovations, Inc. > >>>MIME-Version: 1.0 > >>>Content-Type: multipart/alternative; > >>> boundary="----=_NextPart_000_012E_01C52AF1.C085DB50" > >>>X-Priority: 3 > >>>X-MSMail-Priority: Normal > >>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 > >>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 > >>>Message-ID: <O3FTruxKFHA.1***@TK2MSFTNGP09.phx.gbl> > >>>Newsgroups: microsoft.public.sqlserver.server > >>>NNTP-Posting-Host: 208.5.55.183 > >>>Path: > >> > TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP0 > >> 9.phx.gbl > >>>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.sqlserver.server:382241 > >>>X-Tomcat-NG: microsoft.public.sqlserver.server > >>> > >>>Aleksandar: > >>>Thanks for replying to my post. > >>>The error which was appearing on the SQL Enterprise Manager was, "Unable > >> to initialize SSPI context". > >>>Any suggestions? > >>>Harrison Midkiff > >>>"Aleksandar Grbic" <AleksandarGr***@discussions.microsoft.com> wrote in > >> message news:3DA4EE90-C742-482D-B063-C81B448C47E1@microsoft.com... > >>>> try with setspn tool > >>>> > >>>> or > >>>> > >>>> 1. use adsiedit.msc and show servicePrincipalName for your sql server > > > >> (computer account) > >>>> > >>>> 2. use ldp.exe and search for "servicePrincipalName=MSSQLSvc/elvis*" > >>>> delete duplicated spn > >>>> > >>>> -- -- "Within a few minutes I had problems with connections to SQL. " > > > >> what??? error message?? > >>>> > >>>> > >>>> > >>>> > >>>> "Harrison Midkiff" wrote: > >>>> > >>>>> Peter: > >>>>> > >>>>> Thanks for replying to my post. > >>>>> > >>>>> This is the article I followed which allowed me to find the duplicate > >> but is > >>>>> was on a user account not a computer account. I think perhaps SQL has > >>>>> something in it hard coded to reference this user account. > >>>>> > >>>>> Any suggestions welcome... > >>>>> > >>>>> Harrison Midkiff > >>>>> "Peter 'Not Peter The Spate' Nolan" > >>>>> <PeterNotPeterTheSpateNo***@discussions.microsoft.com> wrote in > message > >>>>> news:AEC55981-252F-4AF5-B46A-BCC8C71F330E@microsoft.com... > >>>>> > Have a look at > >>>>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;321044 > >>>>> > > >>>>> > Peter > >>>>> > > >>>>> > "Do not awake the sleeping dragon for you are crunchy and taste good > >> with > >>>>> > ketchup". > >>>>> > Peter The Spate > >>>>> > > >>>>> > "Harrison Midkiff" wrote: > >>>>> > > >>>>> >> Hello: > >>>>> >> > >>>>> >> A while back I started getting KDC errors in my System log on my > >> domain > >>>>> >> controller. The error is: > >>>>> >> > >>>>> >> Event Type: Error > >>>>> >> Event Source: KDC > >>>>> >> Event Category: None > >>>>> >> Event ID: 11 > >>>>> >> Date: 3/16/2005 > >>>>> >> Time: 9:34:08 AM > >>>>> >> User: N/A > >>>>> >> Computer: TPADC1 > >>>>> >> Description: > >>>>> >> There are multiple accounts with name > >> MSSQLSvc/elvis.aviinc.local:1433 of > >>>>> >> type 10. > >>>>> >> > >>>>> >> After researching this I did a "ldifde" dump of the active > directory > >>>>> >> database and then searched the dump and found a double entry for > >>>>> >> "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one > of > >> the > >>>>> >> domain admins accounts. Since this appeared to be a duplicate I > >> decided > >>>>> >> to > >>>>> >> delete it. Within a few minutes I had problems with connections to > >> SQL. > >>>>> >> I > >>>>> >> put it back right away and then everything was working fine again. > >>>>> >> Obviously the SQL server has some kind of a link to this.... > >>>>> >> > >>>>> >> I have done some searching but have not found anything on it. Does > >>>>> >> anyone > >>>>> >> have any suggestions on cleaning this up? > >>>>> >> > >>>>> >> Harrison Midkiff > >>>>> >> > >>>>> >> > >>>>> >> > >>>>> > >>>>> > >>>>> > >>> > >> > > > > > > > > In almost every case I remember SSPI errors was related with wrong DNS
records, so check the DNS. (ex computer name is London instead of London.nwtraders.msft ) SETSPN works with FQDN only. Regards, Daniel Show quote "Harrison Midkiff" <HMidk***@aviinc.com> wrote in message news:uHsGc7jKFHA.2764@tk2msftngp13.phx.gbl... > Hello: > > A while back I started getting KDC errors in my System log on my domain > controller. The error is: > > Event Type: Error > Event Source: KDC > Event Category: None > Event ID: 11 > Date: 3/16/2005 > Time: 9:34:08 AM > User: N/A > Computer: TPADC1 > Description: > There are multiple accounts with name MSSQLSvc/elvis.aviinc.local:1433 of > type 10. > > After researching this I did a "ldifde" dump of the active directory > database and then searched the dump and found a double entry for > "MSSQLSvc/elvis.aviinc.local:1433". I found it duplicated on one of the > domain admins accounts. Since this appeared to be a duplicate I decided to > delete it. Within a few minutes I had problems with connections to SQL. I > put it back right away and then everything was working fine again. > Obviously the SQL server has some kind of a link to this.... > > I have done some searching but have not found anything on it. Does anyone > have any suggestions on cleaning this up? > > Harrison Midkiff > >  |
|||||||||||||||||||||||
Other interesting topics