Server 2016 - Active Directory - Kerberos/KDC duplication of type KEY ID



Good day

One of my DCs has this error in event viewer, for three separate KEY ID type identifiers. I can't find any duplicates after using setspn, ldifde output to logs, etc.

I need assistance in order to what to use to find the duplicate, commands, and what to do with it and how to do it.

The error body is the same for all three, just the ID changes:

"The KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is 2CD18B5864BB31AE9B6EFD24DE603B7CB06EB0BEFDB066C8C7A2F7C705FC37BA (of type KEY ID). This may result in authentication failures or downgrades to NTLM. In order to prevent this from occurring remove the duplicate entries for 2CD18B5864BB31AE9B6EFD24DE603B7CB06EB0BEFDB066C8C7A2F7C705FC37BA in Active Directory."

Any assistance for steps etc. would be most appreciated, as I am not clued up on sorting out spn and kerberos issues.

Kindest regards


Continue reading...
Top Bottom