While trying to build a Kerberos ticket, the Key Distribution Center (KDC) detected two user objects with the same user principal name (UPN). The KDC cannot determine which user object is correct; therefore, it cannot create a ticket.
The Users and Computers Microsoft Management Console (MMC) snap-in checks for this problem and attempts to prevent it from occurring. However, the following situations can create this condition:
A script that is being used to create users is not checking for uniqueness.
A Microsoft® Windows® NT 4.0 utility is being used to create users.
A metadirectory or other provisioning tool that is being used to create users is not checking for uniqueness.
Replication is slow or malfunctioning.
A denial-of-service attack is under way.
Change the UPN on one of the conflicted user objects using the Users and Computers snap-in.
For more information, see:
Microsoft Help and Support for Microsoft Windows Server 2003
Microsoft Knowledge Base