Ok, got the darn error as many people do: The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is MSSQLSvc/WAISBS.wireassoc.local:23936 (of type DS_SERVICE_PRINCIPAL_NAME). This may result in authentication failures or downgrades to NTLM. In order to prevent this from occuring remove the duplicate entries for MSSQLSvc/WAISBS.wireassoc.local:23936 in Active Directory. Ran setspn, but unsure which one(s) to remove... C:\Windows\system32>setspn -x Processing entry 0 MSSQLSvc/WAISBS.wireassoc.local:23936 is registered on these accounts: CN=SBS Services Account,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local CN=Joe Nike,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local {14E52635-0A95-4a5c-BDB1-E0D0C703B6C8}/WAISBS is registered on these accounts: CN=SBS Services Account,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local CN=Joe Nikek,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local CN=WAISBS,OU=Domain Controllers,DC=wireassoc,DC=local {14E52635-0A95-4a5c-BDB1-E0D0C703B6C8}/WAISBS.wireassoc.local is registered on these accounts: CN=SBS Services Account,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local CN=Joe Nike,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=wireassoc,DC=local CN=WAISBS,OU=Domain Controllers,DC=wireassoc,DC=local found 3 groups of duplicate SPNs. Which one is the correct to remove? Thanks

Hi, Can you go throug these discussions and see if that fixes your doubts? http://forums.techarena.in/active-directory/1142538.htm http://msdn.microsoft.com/en-us/library/ms178119.aspx http://social.technet.microsoft.com/Forums/en/winservergen/thread/09a86d74-de48-4bda-9cc9-435da4f59910 Ketan Thakkar | Microsoft Online Community Support

I'm pretty confused on what you have going on here. In the first defined service you have two accounts registered for MSSQLSvc/WAISBS.wireassoc.local:23936 The second you have three 14E52635-0A95-4a5c-BDB1-E0D0C703B6C8}/WAISBS The third you have three 14E52635-0A95-4a5c-BDB1-E0D0C703B6C8}/WAISBS.wireassoc.local What is really odd is you have an account or machine named WAISBS within the wireassoc.local domain controllers ou??? My guess (Read that last word, GUESS) is you don't want WAISBS as a spn and I have no idea on whether you want the SBS or Joe Nike (Nikek?). So my second guess is to remove the two Joe accounts as well. Check the service that sql is running as on the sql box, that can help you with it. Please, Please take a full backup before starting to make any changes. -- Paul Bergson MVP - Directory Services MCITP: Enterprise Administrator MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, Vista, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

The WAISBS is the DC of the small business server envirnoment.. does this help out anymore on what to delete?