Is it necessary that the server and the client machines should be in the same domain?
I mean, isn't it enough for them to be in the same LAN?
You need to take into account that they are using Windows Authentication; it means that if they are not in the same domain, you need to set up the authentication to work somehow... ;-)
Hi Kine
I can understand that in this case a domain is required, but I am asking in general whether a LAN will work or whether I should add the systems to a domain (both systems in the same domain)?
LAN and domain are two different things on two different levels. You cannot make some relation between them, thus I do not understand your question.
LAN is about physical network between computers and other devices (routers, switches, pc etc.). Domain is about authentication, logical organization of devices, users etc. (domain, tree, forest, OUs, groups, users, etc.).
When there are 2 different domains involved, then what should I do?
I have heard of a thing called domain trust, but the documentation is not good. Can you provide me with some good documentation?
Thanx in advance
I just looked over the posts, sorry if I replicate something/somebody.
NAV Server and SQL Server services also need to use one domain account as Logon account.
Also try to set the user not using "Kerberos only" but any authentication protocol. For some reason in my case the relation Client<->NAV Server is using NTLM, and NAV Server<->SQL is using Kerberos. I'm still troubleshooting this but the client is working fine.
In NAV 2009 SP1 we have simplified the process of configuring delegation. You no longer have to specify whether the service runs as a local or domain account in client config, and you now have better control over the authentication scheme - you can specify whether you want to allow authentication via NTLM and whether an SPN is required.
In summary, the DelegationInfo key only applies to NAV 2009. The AllowNtlm and ServicePrincipalNameRequired keys apply only to NAV 2009 SP1.
The walkthrough in the documentation (installing three tiers on three computers) describes a setup where both SQL and NAV services run under the same service account. Perhaps the documentation is misleading, but this is not a requirement. It is more secure to use discrete service accounts.
@mihail_kolev: In Active Directory, if you trust a user to present delegated credentials using any protocol, you are allowing NTLM. If you want to force the RTC to authenticate using Kerberos, set the 'Use Kerberos only' option in Active Directory, and for SP1 clients set the config key AllowNtlm=false.
Alex
Well, I know that, but when I set it to "Kerberos only", the NAV Service is using NTLM when connecting to SQL Server; when it is set to "Any protocol", it uses Kerberos authentication.
I created the domain trust and it's working fine.
That means YES, there is something called domain trust required for running RTC in 2 different domains.
Thanx
http://blogs.msdn.com/nav_developer/archive/2009/06/12/setting-up-nav-2009-on-three-machines.aspx
The SPN in our case had to be :
DynamicsNAV/NAV-SERVER.Domain.com:7046
as opposed to the old :
NAV-SERVER_DynamicsNAV/NAV-SERVER.Domain.com:7046
Thnx all for the help.
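Added example, not part of the original thread: a PowerShell check of the SPN registration discussed in the post above, using the built-in setspn and klist tools. The account name DOMAIN\svc-nav is a placeholder; the two SPN values are the ones quoted in the post.

```powershell
# Placeholder: the domain account the NAV Server service logs on as.
$ServiceAccount = 'DOMAIN\svc-nav'
# SPN values quoted in the post above (new format and old format).
$ExpectedSpn = 'DynamicsNAV/NAV-SERVER.Domain.com:7046'
$OldStyleSpn = 'NAV-SERVER_DynamicsNAV/NAV-SERVER.Domain.com:7046'

# 1. List the SPNs registered on the service account (setspn indents each SPN).
$registered = setspn -L $ServiceAccount | ForEach-Object { $_.Trim() }

if ($registered -contains $ExpectedSpn) {
    Write-Host "OK: $ExpectedSpn is registered on $ServiceAccount"
} else {
    Write-Warning "Missing: $ExpectedSpn is not registered on $ServiceAccount"
    # -S adds the SPN only after checking that no other account already holds it.
    Write-Host "To register it: setspn -S $ExpectedSpn $ServiceAccount"
}

if ($registered -contains $OldStyleSpn) {
    Write-Warning "Old-format SPN is still registered: $OldStyleSpn"
}

# 2. Check that only one account holds the SPN. setspn -Q prints one
#    'CN=...' line per account that has the SPN registered.
$owners = @(setspn -Q $ExpectedSpn | Where-Object { $_ -match '^CN=' })
if ($owners.Count -gt 1) {
    Write-Warning "Duplicate SPN, held by $($owners.Count) accounts:"
    $owners | ForEach-Object { Write-Host "  $_" }
}

# 3. On the client, after starting the RTC: a Kerberos service ticket for the
#    NAV Server shows up here. No match means the connection did not use Kerberos.
klist | Select-String -Pattern 'DynamicsNAV'
```

Run steps 1 and 2 with an account that can read the service account in Active Directory, and step 3 in the session of the user running the RTC.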
Got it.
Thanx
And once again - manage your SPNs if you're not.
Good luck