WebServices user login

Wojtekm Member Posts: 123
edited 2012-06-20 in NAV Three Tier
Hello,

I have NAV2009R2 installed in a 3-tier environment.
The WS service and the NAV service are set up to log on as: Network Service.

I am testing the WebService from a local PC using IE on my own account in the db (Super role) and I get the WS list in the browser. So WS works fine.

But when I'm testing WS using another account (Super role, the same PC) I get an error message in the browser:
The login failed when connecting to SQL Server mysqlserver.

And the error from SQL Server:
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

I've checked the SPNs and set permission for the Object Change Listener, but still nothing.
I've added, deleted and synchronized users a few times.
Both users are local Admins on the NAV server.

What else can I check?

regards,
Wojtekm

Comments

  • kine Member Posts: 12,562
    1) Check for duplicate SPNs
    2) Check that delegation is enabled for the computer account on which the service is running
    3) After you change something, before you restart both services (stop both, start both), clear all Kerberos tickets (klist -purge).
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • koubek Member Posts: 84
    Do you use NTLM or SPNEGO? Did you try to use NTLM?
  • Wojtekm Member Posts: 123
    Hi Kine and Koubek,

    1. There is no duplicate SPN,
    2. Delegation is enabled for the server account in AD,
    3. I've cleared the tickets.

    Still working only for one user.

    4. I've tried NTLM (previously it was SPNEGO).

    The only difference is that the second user can log in to the WS web page.
    My own user gets the same error: Login failed to SQL Server and Anonymous login in the SQL Server event viewer.

    regards,
  • kine Member Posts: 12,562
    Then there is still some problem with the SPNs and the delegation. Try to use the script from this article http://blogs.msdn.com/b/nav/archive/201 ... shell.aspx to collect different info.
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
  • koubek Member Posts: 84
    Can I understand that you can now see the list of WS published by NAV within IE or another browser? The problem occurs when you are trying to consume WS from another application? By the way, is the application .NET or PHP, for example (you have mentioned something about mysql...)?
  • Wojtekm Member Posts: 123
    EDIT>>
    Sorry, I was not clear in my previous post - still 1 user cannot see the WS list.
    EDIT<<
    I have 2 users in my database. The same security (Super role), the same AD setup (local admins on the NAV server).
    I need to use both users to run WS.
    One of these users can list WS in the browser, the second gets an error.

    In my solution I want to run WS under both accounts from a .NET project.
    If I can run WS from the browser, my .NET project works fine, but when I can't, I get the same error from the .NET code.

    But now we are talking only about access to WS from the browser; the .NET project works fine as long as the user can log on to WS.
    regards,
  • koubek Member Posts: 84
    Have you tried to disable "Show friendly HTTP error messages" in IE? You can find it in TOOLS->INTERNET OPTIONS->ADVANCED.
  • Wojtekm Member Posts: 123
    OK guys,

    I've made a huge investigation.

    The user which can see the list of WS is the database owner (not the db_owner role, but in database properties owner = mylogin).

    I can run WS from the NAV server (Application Server) using my account.
    The second account still does not work.
    Accessing from my local PC does not work.

    I've tried disabling "Show friendly HTTP error messages" in IE - still the same error.
    I've tried Kine's script - and all looks fine.

    Here are my SPNs for the 3-tier installation (according to Kine's blog):
    NAV services run as Network Service.

    SQL - for mydomain\sqlservice user:
    I'm using MSSQLSvc, but I have my own SQL instance 'NAV'. But I read that sqlbrowser should find the correct instance using the port connection.
    MSSQLSvc/sqlsrv.mydomain.local:1433
    MSSQLSvc/sqlsrv:1433

    NAV for mydomain\navsrv$ user:
    DynamicsNAV/navsrv.mydomain.local:7046
    DynamicsNAV/navsrv:7046

    WS for mydomain\navsrv$ user:
    http/navsrv.mydomain.local
    http/navsrv

    I've checked the SPNs for duplicates with success.

    And I still do not have any idea why the second account does not work.

    regards,
  • kine Member Posts: 12,562
    The problem will be the SPN for SQL. See this http://msdn.microsoft.com/en-us/library/ms191153.aspx which shows how to create the correct SPN for a named instance (there is a change since SQL 2008).
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.
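The named-instance SPN check suggested above, as an added example that is not part of the thread or of kine's script: it compares the SPNs quoted in the earlier post against the forms a client can request for a named SQL Server instance and also looks for duplicates. The function names and the port 49172 are hypothetical; the account, host and instance names are the ones from the post.

```powershell
# Constructed input: the SPNs listed in the post above, keyed by the account
# that holds them (the same data `setspn -L <account>` prints on a live domain).
$registered = @{
    'mydomain\sqlservice' = @('MSSQLSvc/sqlsrv.mydomain.local:1433', 'MSSQLSvc/sqlsrv:1433')
    'mydomain\navsrv$'    = @('DynamicsNAV/navsrv.mydomain.local:7046', 'DynamicsNAV/navsrv:7046',
                              'http/navsrv.mydomain.local', 'http/navsrv')
}

# SPNs a client can request for a SQL Server instance: host:port over TCP,
# host:instance name over other protocols, bare host for a default instance.
function Get-ExpectedSqlSpn {
    param([Parameter(Mandatory)] [string] $Fqdn, [string] $Instance, [int] $Port)
    foreach ($h in $Fqdn, $Fqdn.Split('.')[0]) {
        if ($Port)     { "MSSQLSvc/${h}:$Port" }
        if ($Instance) { "MSSQLSvc/${h}:$Instance" } else { "MSSQLSvc/$h" }
    }
}

# Report which expected SPNs the service account holds (-contains ignores case).
function Test-SpnRegistration {
    param([hashtable] $Registered, [string] $Account, [string[]] $Expected)
    $have = @($Registered[$Account])
    foreach ($spn in $Expected) {
        [pscustomobject]@{ Spn = $spn; Account = $Account; Present = ($have -contains $spn) }
    }
}

# An SPN held by more than one account breaks Kerberos for that service.
function Find-DuplicateSpn {
    param([hashtable] $Registered)
    $Registered.GetEnumerator() | ForEach-Object {
        $account = $_.Key
        foreach ($spn in $_.Value) { [pscustomobject]@{ Spn = $spn; Account = $account } }
    } | Group-Object Spn | Where-Object Count -gt 1
}

# Hypothetical port: replace 49172 with the port the 'NAV' instance really listens on.
$expected = Get-ExpectedSqlSpn -Fqdn 'sqlsrv.mydomain.local' -Instance 'NAV' -Port 49172
Test-SpnRegistration -Registered $registered -Account 'mydomain\sqlservice' -Expected $expected |
    Format-Table -AutoSize
Find-DuplicateSpn -Registered $registered | Format-Table Name, Count -AutoSize
```

On a live domain, `setspn -L mydomain\sqlservice` supplies the registered list and `setspn -X` runs the duplicate search across the directory.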
  • Wojtekm Member Posts: 123
    Thank you kine


    After creating the SPN both users work, but...

    After logging on a few times as both users and connecting from Visual Studio, it stopped working.
    The same error from SQL: Anonymous Logon :(

    Is there any limitation on sessions logged in as WS?

    I've tried to clear all Kerberos tickets.
    Still nothing.
    I'm using SPNEGO.
  • kine Member Posts: 12,562
    No, there is no limit. Sometimes when you open the WSDL over IE from the server itself, you have 24 hours till the ticket expires. You can check the tickets on the server by "klist". There should be one for the SQL server with delegation enabled. If not, there is still some problem...
    Kamil Sacek
    MVP - Dynamics NAV
    My BLOG
    NAVERTICA a.s.