NAS SPN for the Service Tier for HTTP causing Kerberos error
defiant701
Member Posts: 79
Dear all,
I'm currently facing a problem with NAS in my environment. I'm using 2013 R2 on 3 different VM's (W2K12 R2) having Windows RM configured and the Service Tier ST running on dedicated AD account. So far so good and everything runs great. the SPN's (http/servername:port) are all created for the specific ports used for SOAP/ODATA/MGT/Client also everythings fine.
Now the issue:
One of my developers created a NAS solution and started this solution on the respective ST. The ST instance creates an new SPN with http again for the dedicated user account but only without any port.
This causes a dupplication of the http SPN one for the computer and one for the user.
Outcome in Server Manager:
a Kerberos error 0x80090322 --> Event ID 4
When removing the dubble entry for the Computer it's causing the ID 3, when removing the user SPN it's being recreated everytime the NAS runs
It's also causing an issue with the Web Client running on the same Computer as the ST so that users cannot connect to it due to "not verified user in NAV"
Does anyone also facing the same issues and is there a way of defining a port for NAS?
Feedback is welcome.
Kind regards
Defiant701
I'm currently facing a problem with NAS in my environment. I'm using 2013 R2 on 3 different VM's (W2K12 R2) having Windows RM configured and the Service Tier ST running on dedicated AD account. So far so good and everything runs great. the SPN's (http/servername:port) are all created for the specific ports used for SOAP/ODATA/MGT/Client also everythings fine.
Now the issue:
One of my developers created a NAS solution and started this solution on the respective ST. The ST instance creates an new SPN with http again for the dedicated user account but only without any port.
This causes a dupplication of the http SPN one for the computer and one for the user.
Outcome in Server Manager:
a Kerberos error 0x80090322 --> Event ID 4
When removing the dubble entry for the Computer it's causing the ID 3, when removing the user SPN it's being recreated everytime the NAS runs
It's also causing an issue with the Web Client running on the same Computer as the ST so that users cannot connect to it due to "not verified user in NAV"
Does anyone also facing the same issues and is there a way of defining a port for NAS?
Feedback is welcome.
Kind regards
Defiant701
0
Categories
- All Categories
- 75 General
- 75 Announcements
- 66.7K Microsoft Dynamics NAV
- 18.8K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 610 NAV Courses, Exams & Certification
- 1.9K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 251 Dynamics CRM
- 103 Dynamics GP
- 6 Dynamics SL
- 1.5K Other
- 991 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 28 Design Patterns (General & Best Practices)
- Architectural Patterns
- 9 Design Patterns
- 4 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1K General Chat
- 1.6K Website
- 77 Testing
- 1.2K Download section
- 23 How Tos section
- 249 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions