Duplicate User Principal Names have been detected Rule

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
Duplicate User Principal Names have been detected Medium Critical

Rule Knowledgebase

Summary

While trying to build a Kerberos ticket, the Key Distribution Center (KDC) detected two user objects with the same user principal name (UPN). The KDC cannot determine which user object is correct; therefore, it cannot create a ticket.

Causes

The Users and Computers Microsoft Management Console (MMC) snap-in checks for this problem and attempts to prevent it from occurring. However, the following situations can create this condition:

  • A script that is being used to create users is not checking for uniqueness.

  • A Microsoft® Windows® NT 4.0 utility is being used to create users.

  • A metadirectory or other provisioning tool that is being used to create users is not checking for uniqueness.

  • Replication is slow or malfunctioning.

  • A denial-of-service attack is under way.

Resolutions

Change the UPN on one of the conflicted user objects using the Users and Computers snap-in.

External References

For more information, see:

See Also for Active Directory (AD) Monitoring Management Pack


Downloads for Active Directory (AD) Monitoring Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED