I got this error in the event log on a fresh Sharepoint Server 2010 February Cumulative Update installation:
A Kerberos Error Message was received: on logon session Client Time: Server Time: 17:6:26.0000 4/2/2011 Z Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN Extended Error: 0xc0000035 KLIN(0) Client Realm: Client Name: Server Realm: DOMAIN.LOCAL Server Name: MSSQLSvc/sqlserver.domain.local:1433 Target Name: MSSQLSvc/sqlserver.domain.local:1433@DOMAIN.LOCAL Error Text: File: 9 Line: f09 Error Data is in record data.
Solution:
The error is due to a dual SPN entry. I found this with
ldifde -f dump_spn.txt -d "dc=domain,dc=local" -p subtree -r "(servicePrincipalName=MSSQLSvc/sharepointsql*)" -l servicePrincipalName
I found that another account in addition to the SQL Server Service account had registered a SPN.
This was removed with adsiedit.msc: Navigate to the correct OU/User, and remove the servicePrinicpalName entry.