Options

NAS SPN for the Service Tier for HTTP causing Kerberos error

defiant701defiant701 Member Posts: 79
edited 2014-03-07 in NAV Three Tier
Dear all,

I'm currently facing a problem with NAS in my environment. I'm using 2013 R2 on 3 different VM's (W2K12 R2) having Windows RM configured and the Service Tier ST running on dedicated AD account. So far so good and everything runs great. the SPN's (http/servername:port) are all created for the specific ports used for SOAP/ODATA/MGT/Client also everythings fine.

Now the issue:
One of my developers created a NAS solution and started this solution on the respective ST. The ST instance creates an new SPN with http again for the dedicated user account but only without any port.
This causes a dupplication of the http SPN one for the computer and one for the user.

Outcome in Server Manager:
a Kerberos error 0x80090322 --> Event ID 4
When removing the dubble entry for the Computer it's causing the ID 3, when removing the user SPN it's being recreated everytime the NAS runs

It's also causing an issue with the Web Client running on the same Computer as the ST so that users cannot connect to it due to "not verified user in NAV"

Does anyone also facing the same issues and is there a way of defining a port for NAS?

Feedback is welcome.

Kind regards
Defiant701
Debuggers don't remove bugs, they only show them in slow-motion

LinkedIn
XING
Sign In or Register to comment.