Error connecting from client to Server using NavUserPassword

Nav_Dev_Learner

Hello!

I've installed the following setup today:
1) SQL and NAV2013-Server are on one server (a RTC client too).
2) On the customer PCs runs a RTC client. The PCs are not in the same domain as the server. Therefore I'm using NavUserPassword for authentication.

I've installed this setup using this manual and checked it with the official ones:
http://saurav-nav.blogspot.co.at/2012/1 ... o-use.html

http://msdn.microsoft.com/en-us/library ... 8(v=nav.70).aspx
http://msdn.microsoft.com/en-us/library ... 7(v=nav.70).aspx

On the server I can login using user and password.
On the client I've installed the RootNavServiceCA.cer and RootNavServiceCA.crl and changed the clientusersettings.config, but the login doesn't work.

I can enter User and Password, after pressing "ok" I've to wait for about 30 seconds, then I get this message:
>The program could not create a connection to the server. Do you want to try again?<

hery_halim

hi,

you may check the event viewer for additional information.

Most of the time, it will point you to the right direction.

Nav_Dev_Learner

Hi hery,

Thanks for your reply but the event viewer reads like below -

The service could not add service principal names because the service account could not be found in Active Directory.
Account: NAVSERVER-PC\NAVSERVER
Service principal names:
http/NAVSERVER-PC:7047
http/NAVSERVER-PC:7047

First thing like we do not use any Active Directory Services in our corporate hence we are making use of the "NavUserPassword" authentication procedure. I could run the configuration on the server machine which is always working fine but the issue still exists on the client machines which on trying to connect gives me an error saying - there is no server found -

Could you suggest me any solution.

Thanks in advance

libin80

Hi,

We also don't use the Active Directory Services & we use "NavUserPassword" authentication procedure.
The connection to NAV works fine from the server, But get the following error when connected from another machine.

---

Microsoft Dynamics NAV

---

The Service Principal Name (Delegation) configuration has been set incorrectly. Server connect URL: "net.[url=tcp://nav2013:7046/Live/Service]tcp://nav2013:7046/Live/Service[/url]". SPN Identity: "DynamicsNAV/nav2013:7046"

The X.509 certificate CN=NAV2013R2 is not in the trusted people store. The X.509 certificate CN=NAV2013R2 chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

---

OK

---

We have sync the server and client clock.
We have added the certificate in server under "Trusted Root Certification" & under "Trusted People" on the client system.

Kindly let me know how you got this issue fixed.

Thanks
Libin D

nav_nav

Very similar issue here. Followed http://msdn.microsoft.com/en-us/library ... 8(v=nav.80).aspx
Works ok, but NAV no longer starts and in the event log I see:
Server instance: DynamicsNAV80
The service could not add service principal names because the service account could not be found in Active Directory.
Account: NT AUTHORITY\NETWORK SERVICE
Service principal names:
DynamicsNAV/WIN-DF0KIG12C22:7045
DynamicsNAV/WIN-DF0KIG12C22:7045

I am running this NAV 2015 on AWS, no Active Directory. Would that be a prerequisite? Is there a workaround?

Rikt-It

test to use IP-adress (server-adress)

nav_nav

Come again please?

Rikt-It

run the Nav-service under a service-Account (not under NT NETWORK...)

follow:
http://saurav-nav.blogspot.se/2012/12/n ... o-use.html

Yes It's tricki...

I have created a new Nav-service/instance, side-by-side, so we can now use nav from our ad-NETWORK and password-version for persons "outside"


We always use ServiceTierAdministrator from Tegos, it's free, and You find it in mibuso-download, and we use .net portsharing-service.


In the Nav-client "outside":
Use IP-adress to find Nav-server

nav_nav

This post allowed me to make loging in with NavUserPasword setting possible, also managed to use the self signed certificate. Single Sign on with Office 365 is still not working though. Very hard process it seems.

Any clue how this post can be tied to O365 single sign on?

Rikt-It

Hi,

I haven't Done it My self but:

http://msdn.microsoft.com/en-us/library ... 80%29.aspx

can be of intres/help