mibuso.com
Home NAV Three Tier

RTC login fail in Three Tiers Installtion

yukonyukon Member Posts: 361
edited 2011-12-29 in NAV Three Tier
Hi all,

This few day ago, i installed the NAV R2 at my client site. My installation is refer Walkthrough: Installing the Three Tiers on Three Computershttp://msdn.microsoft.com/en-us/library/dd301254.aspx. After installed all workstation cannot connect to the NAV Server. I got "DB Login" fail. But NAV Server can open RTC and NAV Classic can connect to SQL with Window Auth. Then i run the "Microsoft Dynamics NAV 2009 Best Practices Analyzer", it also no error. At the event log also no error.

When i check the SPN for SQL, they(client vendor) set like that 
RestrictBrHost/SQL.domain.local
RestrictBrHost/SQL.domain.local:1433
but when i check the SQL instance name, it is "empty". My understanding, SQL instance name is empty we should be set SPN for SQL is 
MSSQLSvc/SQL.domain.local
MSSQLSvc/SQL.domain.local:1433

If i remove their SPN, NAV Classic cannot connect with Window Auth. :-k

Now RTC stay cannot connect to DB with "DB Login fail". Is it because of SPN of SQL?

Kindly, give me a idea.

XMas to all.

Regards,
Yukon
Make Simple & Easy

Comments

  • kinekine Member Posts: 12,562
    In most cases yes, it is because SPNs. And yes, default instance of SQL is named MSSQLSvc. Question is, if it is registered for correct account. Another point is, if the account of NAV Server is trusted for delegation, and last one is, that you need to kill all current Kerberos tickets when you change the SPNs on the server, else it will not take into account the changes until the current tickets expires ('tlist purge' if I remmember correctly).
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • yukonyukon Member Posts: 361
    Hi Kine,

    Thanks for your reply. I waiting long time for ans of my ques. :mrgreen:
    kine wrote:
    Question is, if it is registered for correct account. Another point is, if the account of NAV Server is trusted for delegation, and last one is, that you need to kill all current Kerberos tickets when you change the SPNs on the server, else it will not take into account the changes until the current tickets expires ('tlist purge' if I remmember correctly).

    I did correct delegation and trusted for a/c of NAV Server but after set SPN and delegation i didn't restart the domain server.(NAV Server and SQL is restarted).

    1. Do i need to change SPN for SQL? (MSSQLSvc/SQL.domain.local)
    2. Do i need to restart after change the setting?


    Regards,
    Yukon
    Make Simple & Easy
  • kinekine Member Posts: 12,562
    It looks like yes, you need to change the SPN for SQL if what you described is true (default instance of SQL)
    No, you do not need to restart the server. You only need to flush the Kerberos tickets already issued by the command I wrote about (correctly it is "klist purge") on the server and restart the NAV service.
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • yukonyukon Member Posts: 361
    Hi Kine,
    kine wrote:
    No, you do not need to restart the server. You only need to flush the Kerberos tickets already issued by the command I wrote about (correctly it is "klist purge") on the server and restart the NAV service.

    Wow.... It's good for me. Specially i don't wann to restart the server.
    Thanks for your reply. Currently i'm out of office. :) I'll let you know what is result.


    Regards,
    Yukon
    Make Simple & Easy
Sign In or Register to comment.