Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 304 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 260 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
NAS SPN for the Service Tier for HTTP causing Kerberos error
defiant701
Member Posts: 79
Dear all,
I'm currently facing a problem with NAS in my environment. I'm using 2013 R2 on 3 different VM's (W2K12 R2) having Windows RM configured and the Service Tier ST running on dedicated AD account. So far so good and everything runs great. the SPN's (http/servername:port) are all created for the specific ports used for SOAP/ODATA/MGT/Client also everythings fine.
Now the issue:
One of my developers created a NAS solution and started this solution on the respective ST. The ST instance creates an new SPN with http again for the dedicated user account but only without any port.
This causes a dupplication of the http SPN one for the computer and one for the user.
Outcome in Server Manager:
a Kerberos error 0x80090322 --> Event ID 4
When removing the dubble entry for the Computer it's causing the ID 3, when removing the user SPN it's being recreated everytime the NAS runs
It's also causing an issue with the Web Client running on the same Computer as the ST so that users cannot connect to it due to "not verified user in NAV"
Does anyone also facing the same issues and is there a way of defining a port for NAS?
Feedback is welcome.
Kind regards
Defiant701
I'm currently facing a problem with NAS in my environment. I'm using 2013 R2 on 3 different VM's (W2K12 R2) having Windows RM configured and the Service Tier ST running on dedicated AD account. So far so good and everything runs great. the SPN's (http/servername:port) are all created for the specific ports used for SOAP/ODATA/MGT/Client also everythings fine.
Now the issue:
One of my developers created a NAS solution and started this solution on the respective ST. The ST instance creates an new SPN with http again for the dedicated user account but only without any port.
This causes a dupplication of the http SPN one for the computer and one for the user.
Outcome in Server Manager:
a Kerberos error 0x80090322 --> Event ID 4
When removing the dubble entry for the Computer it's causing the ID 3, when removing the user SPN it's being recreated everytime the NAS runs
It's also causing an issue with the Web Client running on the same Computer as the ST so that users cannot connect to it due to "not verified user in NAV"
Does anyone also facing the same issues and is there a way of defining a port for NAS?
Feedback is welcome.
Kind regards
Defiant701
0