Active Directory Domain Join Error - SPN Value Not Unique

Amit 1 Reputation point
2025-06-04T12:54:44.5933333+00:00

Assistance is needed to resolve an issue when attempting to join a Windows 11 laptop to an Active Directory domain. The following error message is encountered:
***The following error occurred attempting to join the domain xxxx.com: the operation failed because SPN value provided for additional/modification is not unique forest wide.***

The computer account has already been deleted from the Domain Controller. While renaming the hostname of the client machine allows successful domain joining, the goal is to keep the hostname unchanged. Guidance on resolving this issue would be appreciated.


1 answer

  1. Benjamin Wang 75 Reputation points Microsoft External Staff Moderator
    2025-06-06T08:19:41.9266667+00:00

    Hello,

    Thank you for posting your question on the Microsoft Windows forum!

    Recommended Solutions:

    1. On a Domain Controller, open PowerShell as Administrator.
    2. Run the following command to find the conflicting SPN (replace <your_computer_name> with your laptop's hostname):

        setspn -Q */<your_computer_name>

    3. If found, delete the conflicting SPN with:

        setspn -D HOST/<your_computer_name> <computer_account_name>

        setspn -D HOST/<your_computer_name>.<domain> <computer_account_name>

    Hope the above information is helpful!
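
A read-only way to run the lookup from step 2 across the whole forest and see which account owns each matching SPN, as an added example that is not part of the original answer. It assumes the ActiveDirectory PowerShell module (RSAT) is installed and a global catalog is reachable; the `$ComputerName` parameter and the report columns are names chosen for this example.

```powershell
# Added example: list every AD object in the forest that holds an SPN for a hostname.
# Read-only; nothing is modified. Requires the ActiveDirectory module (RSAT).
param(
    [Parameter(Mandatory)]
    [ValidatePattern('^[A-Za-z0-9-]{1,15}$')]   # plain hostname only, keeps the LDAP filter safe
    [string]$ComputerName
)

Import-Module ActiveDirectory

# SPN uniqueness is enforced forest-wide, so query a global catalog (port 3268)
# instead of a single domain partition.
$gc = (Get-ADDomainController -Discover -Service GlobalCatalog).HostName[0]

# Match <service>/<host>, <service>/<host>.<dns suffix> and <service>/<host>:<port>
$filter = "(|(servicePrincipalName=*/${ComputerName})" +
          "(servicePrincipalName=*/${ComputerName}.*)" +
          "(servicePrincipalName=*/${ComputerName}:*))"

# An empty SearchBase against the GC port searches all partitions in the forest.
$holders = Get-ADObject -Server "${gc}:3268" -SearchBase '' -LDAPFilter $filter `
    -Properties servicePrincipalName

# Keep only the SPN values that actually reference this host (an object can hold many SPNs).
$pattern = "^[^/]+/$([regex]::Escape($ComputerName))(\.|:|$)"
$report = foreach ($obj in $holders) {
    foreach ($spn in ($obj.servicePrincipalName | Where-Object { $_ -match $pattern })) {
        [pscustomobject]@{
            SPN               = $spn
            ObjectClass       = $obj.ObjectClass
            Account           = $obj.Name
            DistinguishedName = $obj.DistinguishedName
        }
    }
}

if (-not $report) {
    Write-Output "No object in the forest holds an SPN for $ComputerName."
} else {
    # Each row names the account to pass to 'setspn -D <SPN> <account>'.
    # Check ObjectClass and DistinguishedName first: the holder may be a user or
    # service account, or a computer object in another domain of the forest.
    $report | Sort-Object SPN | Format-Table -AutoSize -Wrap
}
```

Reviewing the owning object before running `setspn -D` avoids removing an SPN that a live service account still depends on.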

     
