diff --git a/selftest/knownfail.d/spn_uniqueness b/selftest/knownfail.d/spn_uniqueness
deleted file mode 100644
index 3f6c2f03191..00000000000
--- a/selftest/knownfail.d/spn_uniqueness
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba4.sam.python\(ad_dc_default\).__main__.SamTests.test_service_principal_name_uniqueness\(ad_dc_default\)
-^samba4.sam.python\(fl2008r2dc\).__main__.SamTests.test_service_principal_name_uniqueness\(fl2008r2dc\)
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index fbd163a6603..db3883eb527 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -4843,6 +4843,18 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
 		}
 	}
 
+	el = ldb_msg_find_element(ac->msg, "servicePrincipalName");
+	if ((el != NULL)) {
+		/*
+		 * We need to check whether the SPN collides with an existing
+		 * one (anywhere) including via aliases.
+		 */
+		ret = samldb_spn_uniqueness_check(ac, el);
+		if (ret != LDB_SUCCESS) {
+			return ret;
+		}
+	}
+
 	if (samdb_find_attribute(ldb, ac->msg,
 				 "objectclass", "user") != NULL) {
 		ac->type = SAMLDB_TYPE_USER;
@@ -4941,19 +4953,6 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
 		return samldb_fill_object(ac);
 	}
 
-
-	el = ldb_msg_find_element(ac->msg, "servicePrincipalName");
-	if ((el != NULL)) {
-		/*
-		 * We need to check whether the SPN collides with an existing
-		 * one (anywhere) including via aliases.
-		 */
-		ret = samldb_spn_uniqueness_check(ac, el);
-		if (ret != LDB_SUCCESS) {
-			return ret;
-		}
-	}
-
 	if (samdb_find_attribute(ldb, ac->msg,
 				 "objectclass", "subnet") != NULL) {
 		ret = samldb_verify_subnet(ac, ac->msg->dn);