|Product:||Windows Operating System|
|Message:||There are multiple accounts with name %1 of type %2.|
Kerberos could not authenticate a principal name because the name was not configured correctly.
Possible causes include:
To restore Kerberos authentication, remove the duplicate principal name. To find the duplicate, use either the Ldifde command or the LDP tool.
Using the Ldifde command, you can extract accounts for the domain, the suspected container, or the organizational unit OU), and then find the incorrectly configured principal name within the accounts.
To use the Ldifde utility to extract accounts
Note the accounts under which the SPN is located.
To use the LDP tool, install it from the Support\Tools folder on your