As I am getting the below error in my domain controllers KDC Event ID:11 There are multiple accounts with name MSSQLSvc/SHAREDVSQL.domain.com:1433 of type DS_SERVICE_PRINCIPAL_NAME Where sharedvsql.domain.com is the Virtual name of SQL Cluster After it I used the following method to find the duplicity of SPNs Windows 2003 ADU&C, create a query, custom LDAP, and enter the following: servicePrincipalName=MSSQLSvc/sharedvsql.domain.com:1433 And I got only one object Sqldbcluster which contains this SPN (MSSQLSvc/SHAREDVSQL.domain.com:1433) We used 2 accounts for the Clustering 1. Sqlservices is the account which is being used in SQL and SQL Agent Service 2. Sqldbcluster is the account which is being used in Cluster Service Our cluster name is Sqldbcluster.domain.com Side by side the below error is coming in the SQL Server Event Type: Error Event Source: Kerberos Event Category: None Event ID: 4 Date: 4/10/2011 Time: 12:00:00 AM User: N/A Computer: SQLServer Description: The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/SQLServer.domain.com. The target name used was MSSQLSvc/SHAREDVSQL.domain.com:1433. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (domain.com), and the client realm. Please contact your system administrator. I am confused that if I am getting only one account for this specified SPN MSSQLSvc/sharedvsql.domain.com:1433 then why the above error is coming in domain controllersSagar

KDC EventID 11 resolution. Thanks

Hello, try the mentioned Microsoft resolutions to solve the duplicate SPN problem: http://technet.microsoft.com/fr-fr/library/cc733945(v=WS.10).aspx http://support.microsoft.com/kb/321044 This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

Dear i have already done this activity and found the answer which i mentioned in my problemSagar

Dear Yousuf, i have done this activity as per your iven link but the problem is not relolvedSagar

Did you try all the methods. If possible can you share full results with us. Thanks

Hi, We did the below activity and problem has been resolved As we checked with adsiedit.msc and found that the Sqlcluster account had SPN MSSQLsvc/sharedvsql.domain.com:1433 .If SPN is registered with the wrong account(Sqlcluster account) then also this error comes, in our scene This SPN should be in the Sqlservice account so we assigned R/W SPN rights to Sqlservice account using Adsiedit and logged in with Sqlservice account in the sql server and found the same SPN now registered with this account.Now we have 2 accounts with same SPN then we removed the SPN from Sqlcluster account. Now only one account Sqlservice has this SPN and our problem has been resolved. ThanksSagar