I have faced similar issue while using Claims authentication.
On close inspection I found that the returned duplicate results were having different login names. For example if one result was ads\john
then the other one was i:0#.w|ads\john
.
It is easy to remove such duplicates if you are programming against server side directly with the following API code:
private string GetLoginName(string name)
{
var manager = SPClaimProviderManager.Local;
if (manager != null)
{
return SPClaimProviderManager.IsEncodedClaim(name) ? manager.DecodeClaim(name).Value : name;
}
return name;
}
I have blogged about it here:
http://www.madhur.co.in/blog/2014/01/29/convert-claim-based-login-name.html