I have created a 3-tier setup. The server and SQLserver interact nicely, but when I try to run an RTC, I get a "login failed when connecting to SQlServer". I have setup SPNs on the ad server and have used dsa to setup delegation.
When I look at the event log after a failed attempt, it says that SQLServer did not allow access to MY domain username, not the delegated domain username. It's as if the delegation did not exist.
Any thoughts or suggestions? Thanks.
0
Comments
t
If you have try going back to using a network service account, and see if you have the same issue...
t
t
EDIT : -
You can also set SQL server to dynamically generate SPN's.
I know it says SQL 2000 but this is the article I was sent to by an MS engineer on another issue, not tried it yet, but will do on my next install.
http://support.microsoft.com/kb/319723/en-us
https://mbs.microsoft.com/partnersource ... zerNAV2009
t
Flick it (NST) back to network service, reapply the Delegation based on <ComputerName>$. Don't worry about SPN's and give that a try....
t
Thanks for your suggestions. I'll post the answer when we finally discover it.
http://msdn.microsoft.com/en-us/library/dd568720.aspx
Ignore the SPN's.
Ensure that <ComputerName>$ is setup as a used in the SQL Database and that you have the listener as the default schema... as long as there is nothing crazy happening on your network it will work..
http://msdn.microsoft.com/en-us/library/dd568739.aspx
t
have you found any solution to this problem of yours?
we am also stuck the same way as you. please let us know.
thank you.
best regards,
Anish
Just succeeded to connect the NAV database using the RTC over three computers.
Followed the steps given in the Walkthrough: Installing the Three Tiers on Three Computers ( http://msdn.microsoft.com/en-us/library/dd301254.aspx ). Used the default Network Service account as the service account of NAV Services. Then configured the OCL using the NAV Server computer as login, i.e., <Computer Name>$ (e.g.: DSCP25310$). Skipped the creation of spns (deleted the existing MSSQLSvc spns) and also the delegation part.
Connected the database (the demo database installed in the NAVSQL machine) with the classic client and added the Network Service account along with a Domain Account in the Windows Logins and assigned the roles Super to them. Also given full access to the domain account in the Service folder in the NAVServer machine where the NAV Service Tier is installed. Finally logged into the third machine with the Domain Account and started the RTC and it successfully connected to the database.
\:D/
Let me know if it solved your issue as well.
Best Regards,
Anish