Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 304 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 260 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
Login problem while using "NavUserPaswword" in NAV2013 clien
RV_18
Member Posts: 10
Dear members,
I am facing an issue while connecting a client machine with the Nav Server through NavUserPassword ](*,) . Error message I am getting is shown below. But if I login to Nav client from server machine thru same credential type, then everything is running fine. Please suggest how this problem can be resolved or root cause of this:-
ERROR -
"The Service Principal Name (Delegation) has been set incorrectly. Server connect URL: "net.[url=tcp://server:7046/DynamicsNAV/Service]tcp://server:7046/DynamicsNAV/Service[/url]". SPN Identity: "DynamicsNAV/server:7046.
The X.509 certificate CN=navServiceCert id not in the trusted people store. The X.509 certificate CN=NavServiceCert chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority"
Thanks in advance
Regards,
RV
I am facing an issue while connecting a client machine with the Nav Server through NavUserPassword ](*,) . Error message I am getting is shown below. But if I login to Nav client from server machine thru same credential type, then everything is running fine. Please suggest how this problem can be resolved or root cause of this:-
ERROR -
"The Service Principal Name (Delegation) has been set incorrectly. Server connect URL: "net.[url=tcp://server:7046/DynamicsNAV/Service]tcp://server:7046/DynamicsNAV/Service[/url]". SPN Identity: "DynamicsNAV/server:7046.
The X.509 certificate CN=navServiceCert id not in the trusted people store. The X.509 certificate CN=NavServiceCert chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority"
Thanks in advance
Regards,
RV
0
Comments
i have had a lot of (different) problems too, when first trying to implement this Authentication Mode.
The following steps are my short list to remember what to do. Doing so, everything is working fine.
Perhaps you should try from the start, that's what i have done (several times).
On NAV Server Machine:
1. create Certificate per CMD Shell (Run as Administrator):
makecert -n "CN=RootNavServiceCA" -r -sv RootNavServiceCA.pvk RootNavServiceCA.cer
2. import RootNavServiceCA.cer per mmc (sorry, i don't know the exakt Folder Name in English, something with thrustworthy root certificate, i guess)
3. create Revocation List per CMS Shell:
makecert -crl -n "CN=RootNavServiceCA" -r -sv RootNavServiceCA.pvk RootNavServiceCA.crl
4. import Revocation List per mmc (same Folder as in 2.)
5. create Certificate Name per CMD Shell:
makecert -sk NavServiceCert -iv RootNavServiceCA.pvk -n "CN=NavServiceCert" -ic RootNavServiceCA.cer -sr localmachine -ss my -sky exchange -pe NavServiceCert.cer
6. in mmc, update own certficates folder and go to NavServiceCert, manage private keys: allow everything for the account under which the NAV Service is running)
7. copy Thumbprint of NavServiceCert to NAV Service per NAV Administration Console and edit Credential Type too, then restart/start Service
8. edit ClientUserSettings.config
On Client Machine
9. Import RootNavServiceCA.cer and Revocation List (same Folder as in 2.)
10. edit ClientUserSettings.config
You should find detailed information here:
http://msdn.microsoft.com/en-us/library/gg502478(v=nav.70).aspx
and here:
http://msdn.microsoft.com/en-us/library/gg502467(v=nav.70).aspx
The client machine could not establish a connection to the Microsoft Dynamics NAV server.
FaultCode = 'InvalidSecurity'
Reason = 'An error occurred when verifying security for the message.
Anyone who has encountered this error message and solved it?
have you manage to log in on remote computer? how to solve that?
Superpuz
Yes superpuz, I did manage to login using a client machine (Not the server machine) both through the Windows credential type and NavUserPassword credential type.