Active Directory cannot perform an authenticated RPC call to another DC because the SPN for the destination DC is not registered on the KDC Rule

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
Active Directory cannot perform an authenticated RPC call to another DC because the SPN for the destination DC is not registered on the KDC Medium Critical

Rule Knowledgebase

Summary

The Active Directory® directory service did not perform an authenticated remote procedure call (RPC) to another domain controller because the desired service principal name (SPN) for the destination domain controller is not registered on the domain controller hosting the Key Distribution Center (KDC) that resolves the SPN.

Causes
This rule does not contain any causes.
Resolutions

Verify that the names of the destination domain controller and domain are correct. Also, verify that the SPN is registered on the KDC domain controller. If the destination domain controller has been recently promoted, it will be necessary for the local domain controller’s computer account data to replicate to the KDC before this computer can be authenticated.

Sample Event:

Active Directory did not perform an authenticated remote procedure call (RPC) to another domain controller because the desired service principal name (SPN) for the destination domain controller is not registered on the Key Distribution Center (KDC) domain controller that resolves the SPN.

Destination domain controller: %1

SPN: %2

External References

For more information, see:

See Also for Active Directory (AD) Monitoring Management Pack


Downloads for Active Directory (AD) Monitoring Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED