mibuso.com
Home NAV Three Tier

Either the caller does not have the required permission...

jimmymcpjimmymcp Member Posts: 5
edited 2015-03-14 in NAV Three Tier
I've got a user who isn't able to connect to the middle tier in NAV 2009 SP1. The roletailored client gives the following error:

"Either the caller does not have the required permission or the specified path is read only."

The user has a windows login to the database, is a member of the SUPER role and is able to login to and use the classic client as expected. Other users are able to log in to the RTC as expected.

I've synchronised the permissions (although they are using standard security model anyway) and completely removed / re-added the user and login to SQL - but I'm still getting the same error.

Any suggestions gratefully received.

James

Comments

  • matttraxmatttrax Member Posts: 2,309
    If your user can use the classic client ok then it is not a problem with SQL / NAV permissions.

    More than likely they don't have permission to log on to the middle tier, which has a service that uses its own login to get into the database. Compare their AD groups and permissions with that of another user who can successfully login. You'll probably find a difference somewhere.
    Matt Traxinger - ArcherPoint
  • jr_bvajr_bva Member Posts: 4
    Hi everyone.

    We have same problem. About 20 users access correctly, but 3 users receive error listed above. All 3 users are in one AD group and have this error on all machines in network. But in this group are 2 another users, which can logon from anywhere.
    In event log isn't any error which can help me to find error source. In security list in event log is write that users are authenticated correctly, but they alway receive error from subject.
    Server service run in Network Service context and SQL server run in domain account context.
    Have any idea please ? Time is short and i have no idea ](*,)

    Thanks
  • mcoAggiemcoAggie Member Posts: 23
    No help but I have the same issue. ](*,) One user gets this error and everyone else is fine. Nothing in the application event log. The user with the error is in the same AD groups as all the other users that log in fine. Security audit is the same as jr above.

    I've tried to remove and reinsert in ad, in sql, restarting Nav server, reinstalling client, but no luck. Does the nav server store anything anywhere for its delegation that might cause an AD problem?
    Owen McDonald
    http://www.archerpoint.com
  • stevedivimaststevedivimast Member Posts: 39
    I got the same problem.
    I changed user of DinamicsNav service from Network Service to Local and this solved the problem.
    I know that it's not a solution (it's not a good idea to use Local user in DynamicsNav service), but this fixed (at least temporary) the problem.
  • TonyHTonyH Member Posts: 223
    Have you given all the users "All" permission to the service tier folder on the middle tier?

    t
  • alexpeckalexpeck Member, Microsoft Employee Posts: 37
    The error message would suggest a problem with file system permissions. When the service tier interacts with the file system it uses either the service account or impersonates the user logged in to RTC (depending on the action). If your system works for some users it is unlikely there is a problem with the service account.

    Have a look under either C:\Documents and Settings\All Users\Application Data (xp/2003) or C:\ProgramData (vista/win7/2008). Here, you should be able to find the path \Microsoft\Microsoft Dynamics NAV\60\Server\<<Name of service instance>>. Each RTC user will create temporary files in here somewhere (I forget the exact folder structure). Look for files or folders associated with the user who cannot log in and check the ACLs.

    Alex
  • mcoAggiemcoAggie Member Posts: 23
    Thanks Alex. That is the kind of information I needed! Fixed it for me. \:D/

    I had a slightly more convoluted issue becasue this particular user had other permission issues across the network. Even though the AD group she was in had access to this server, for whatever reason it was not authenticating her properly.

    After adding her domain account directly on this server (with proper permissions) it worked fine.

    So make sure the users are at least properly able to read/write to the
    \Microsoft\Microsoft Dynamics NAV\60\Server\<<Name of service instance>> directory.
    Owen McDonald
    http://www.archerpoint.com
  • teckpohteckpoh Member Posts: 271
    Dear mcoAggie,

    I hit the same error message.
    "After adding her domain account directly on this server (with proper permissions) it worked fine.

    So make sure the users are at least properly able to read/write to the
    \Microsoft\Microsoft Dynamics NAV\60\Server\<<Name of service instance>> directory."[/quote

    May i know what u mean by add her domain account DIRECTLY to this server? the user already a AD(account domain) user.
    i'm still hitting the error msg :(

    Where is the exact path for "\Microsoft\Microsoft Dynamics NAV\60\Server\"?

    Any 1 having tis problem as well?
  • mcoAggiemcoAggie Member Posts: 23
    Ironically I just sat down at the computer.

    What I needed to do was add the user's AD account as a local user and give it permission to that directory on the service tier computer.
    Owen McDonald
    http://www.archerpoint.com
  • Big_DBig_D Member Posts: 207
    Hi guys - thanks for the great replies on this forum link - it certainly helped point me in the right direction =D> !

    Not familiar with AD's and Domain Accounts but looking in C:\Program Files\Microsoft Dynamics NAV\80\Service\Instances I couldn't see a named instance for the RTC Client that I required running, strange as I it was running okay in the MS Management Console. So I Created a new Instance, Kick Started and away I went again!

    Thanks guys.
    Big D signing off!
Sign In or Register to comment.