I have a Windows Server 2000 (SP4) with SQL Server 2000 (2 instances). My
server is domain controller also.
I frequently receiving next message in the Event Log of the Windows Server
2000 & 2003 computers:
Source: KDC
ID: 11
There are multiple accounts with name MSSQLSvc/comp.dom.ru:1118 of type 10.
I'm finding the 321044 article of the Microsoft Knowledge Base.
I'm using the LDP utility and type next filter:
servicePrincipalName=MSSQLSvc/comp.dom.ru:1433
I received next reply:
***Searching...
ldap_search_s(ld, "DC=dom,DC=ru", 2,
"servicePrincipalName=MSSQLSvc/comp.dom.ru:1118", attrList, 0, &msg)
Result <0>: (null)
Matched DNs:
Getting 2 entries:[vbcol=seagreen]
1> canonicalName: dom.ru/Domain Controllers/comp;
1> cn: comp;
1> distinguishedName: CN=comp,OU=Domain Controllers,DC=dom,DC=ru;
5> objectClass: top; person; organizationalPerson; user; computer;
1> name: comp;[vbcol=seagreen]
1> canonicalName: <ldp: Binary blob>;
1> cn: <ldp: Binary blob>;
1> description: <ldp: Binary blob>;
1> distinguishedName: <ldp: Binary blob>;
4> objectClass: top; person; organizationalPerson; user;
1> name: <ldp: Binary blob>;
And what? Must I delete comp account? But comp is domain controller.
What can I do?
Michael S. Androsov
Hi
Check out the part in the KB that talks about using ADIEdit. You need to
change the incorrect SPN.
John
"Michael S. Androsov" wrote:
> I have a Windows Server 2000 (SP4) with SQL Server 2000 (2 instances). My
> server is domain controller also.
> I frequently receiving next message in the Event Log of the Windows Server
> 2000 & 2003 computers:
> Source: KDC
> ID: 11
> There are multiple accounts with name MSSQLSvc/comp.dom.ru:1118 of type 10.
> I'm finding the 321044 article of the Microsoft Knowledge Base.
> I'm using the LDP utility and type next filter:
> servicePrincipalName=MSSQLSvc/comp.dom.ru:1433
> I received next reply:
> ***Searching...
> ldap_search_s(ld, "DC=dom,DC=ru", 2,
> "servicePrincipalName=MSSQLSvc/comp.dom.ru:1118", attrList, 0, &msg)
> Result <0>: (null)
> Matched DNs:
> Getting 2 entries:
> 1> canonicalName: dom.ru/Domain Controllers/comp;
> 1> cn: comp;
> 1> distinguishedName: CN=comp,OU=Domain Controllers,DC=dom,DC=ru;
> 5> objectClass: top; person; organizationalPerson; user; computer;
> 1> name: comp;
> 1> canonicalName: <ldp: Binary blob>;
> 1> cn: <ldp: Binary blob>;
> 1> description: <ldp: Binary blob>;
> 1> distinguishedName: <ldp: Binary blob>;
> 4> objectClass: top; person; organizationalPerson; user;
> 1> name: <ldp: Binary blob>;
> And what? Must I delete comp account? But comp is domain controller.
> What can I do?
> Michael S. Androsov
>
|||Hi! Thank you very much for answer.
Excuse me. I'm not master in to the ADSIEdit and AD tools.
Can you help me? What I must doing after ADSIEDit loaded? What I search and
what is the part? I see the partition: Domain NC; Configuration Container and
Schema.
I don't know where I must seeking dublicate SPN.
Thanks,
Michael S. Androsov
"John Bell" пишет:
[vbcol=seagreen]
> Hi
> Check out the part in the KB that talks about using ADIEdit. You need to
> change the incorrect SPN.
> John
> "Michael S. Androsov" wrote:
|||Hi
Your duplicate spn is probably MSSQLSvc/comp.dom.ru. I am not an AD expert
but the following tells you how to search using ADSI Edit
http://support.microsoft.com/default...b;en-us;312299
You may want to post in
http://www.microsoft.com/technet/com...tive_directory
or
http://www.microsoft.com/technet/com...ve_di rectory
John
"Michael S. Androsov" wrote:
[vbcol=seagreen]
> Hi! Thank you very much for answer.
> Excuse me. I'm not master in to the ADSIEdit and AD tools.
> Can you help me? What I must doing after ADSIEDit loaded? What I search and
> what is the part? I see the partition: Domain NC; Configuration Container and
> Schema.
> I don't know where I must seeking dublicate SPN.
> Thanks,
> Michael S. Androsov
> "John Bell" пишет:
No comments:
Post a Comment