diff --git a/python/samba/emulate/traffic_packets.py b/python/samba/emulate/traffic_packets.py
index d23a7669ad9..1413c8bfb80 100644
--- a/python/samba/emulate/traffic_packets.py
+++ b/python/samba/emulate/traffic_packets.py
@@ -242,7 +242,13 @@ def packet_drsuapi_12(packet, conversation, context):
 def packet_drsuapi_13(packet, conversation, context):
     # DsWriteAccountSpn
     req = drsuapi.DsWriteAccountSpnRequest1()
-    req.operation = drsuapi.DRSUAPI_DS_SPN_OPERATION_ADD
+    req.operation = drsuapi.DRSUAPI_DS_SPN_OPERATION_REPLACE
+    req.unknown1 = 0  # Unused, must be 0
+    req.object_dn = context.user_dn
+    req.count = 1  # only 1 name
+    spn_name = drsuapi.DsNameString()
+    spn_name.str = 'foo/{}'.format(context.username)
+    req.spn_names = [spn_name]
     (drs, handle) = context.get_drsuapi_connection_pair()
     (level, res) = drs.DsWriteAccountSpn(handle, 1, req)
     return True
diff --git a/python/samba/tests/emulate/traffic_packet.py b/python/samba/tests/emulate/traffic_packet.py
index 8aa6ca03247..61fd9008964 100644
--- a/python/samba/tests/emulate/traffic_packet.py
+++ b/python/samba/tests/emulate/traffic_packet.py
@@ -28,6 +28,7 @@ from samba.emulate import traffic
 
 from samba.samdb import SamDB
 import samba.tests
+from samba import sd_utils
 
 
 class TrafficEmulatorPacketTests(samba.tests.TestCase):
@@ -79,6 +80,11 @@ class TrafficEmulatorPacketTests(samba.tests.TestCase):
 
         self.context.generate_process_local_config(account, self.conversation)
 
+        # grant user write permission to do things like write account SPN
+        sdutils = sd_utils.SDUtils(self.ldb)
+        mod = "(A;;WP;;;PS)"
+        sdutils.dacl_add_ace(self.context.user_dn, mod)
+
     def tearDown(self):
         super(TrafficEmulatorPacketTests, self).tearDown()
         traffic.clean_up_accounts(self.ldb, 1)