greetings,
I have been having lots of error 11 in the event logs and have been reading about how to use ldifde and setspn to determine where the duplicates are with some success.
Here is the event log:
There are multiple accounts with name MSSQLSvc/dcls03.dcls.local:1728 of type DS_SERVICE_PRINCIPAL_NAME.
What I do not know is how to determine which SPN to remove without breaking the server.
I am running Server 2003.
Here is the the output of Setspn -l hostname
C:\Documents and Settings\Administrator>setspn -l dcls03
Registered ServicePrincipalNames for CN=DCLS03,OU=Domain Controllers,DC=dcls,DC=
local:
MSSQLSvc/dcls03.dcls.local:1728
MSSQLSvc/dcls03.dcls.local:20110
MSSQLSvc/dcls03.dcls.local
ldap/dcls03.dcls.local/ForestDnsZones.dcls.local
ldap/dcls03.dcls.local/DomainDnsZones.dcls.local
exchangeAB/DCLS03
exchangeAB/dcls03.dcls.local
exchangeMDB/dcls03.dcls.local
exchangeMDB/DCLS03
exchangeRFR/dcls03.dcls.local
exchangeRFR/DCLS03
SMTPSVC/DCLS03
SMTPSVC/dcls03.dcls.local
GC/dcls03.dcls.local/dcls.local
HOST/dcls03.dcls.local/DCLS
HOST/DCLS03
HOST/dcls03.dcls.local
HOST/dcls03.dcls.local/dcls.local
E3514235-4B06-11D1-AB04-00C04FC2DCD2/e867a1f2-dbc7-4aea-8501-e6fa54c90922/dc
ls.local
LDAP/e867a1f2-dbc7-4aea-8501-e6fa54c90922._msdcs.dcls.local
LDAP/dcls03.dcls.local/DCLS
LDAP/DCLS03
LDAP/dcls03.dcls.local
LDAP/dcls03.dcls.local/dcls.local
NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/dcls03.dcls.local
DNS/dcls03.dcls.local
Also I could see that the MSSQLSvc/dcls03.dcls.local:1728 was seen in the ldifde under an account:
dn: CN=Administrator,CN=Users,DC=dcls,DC=local
changetype: add
servicePrincipalName: MSSQLSvc/dcls03.dcls.local:1728
servicePrincipalName: MSSQLSvc/dcls03.dcls.local
servicePrincipalName: MSSQLSvc/dcls01.dcls.local:1433
Using the ADSI Edit I found the OU=Domain Controller CN=DCLS03.
But how do I determine which to remove? How can I determine what program is using it and how it will affect anything before I remove it?
Any help would be appreciated.