Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 300 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 259 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
Nav Client Tier SPN Issue
NiallRobert
Member Posts: 2
Hi All,
I recently lost one of our servers and had to build a Microsoft Nav server from scratch. I have 3tiers on 3 computers. I have my Database tier, My NavSvr tier and My client tier. Currently on my new NavSvr I have Nav classic client and RTC working fine and connecting to the database, on my Client tier I have classic Client working fine but RTC is throwing me Various Errors. I am prettu sure I have narrowed this down to SPN and delegation issues but this is where I am stuck. As far as I am aware I have used the SetSpn CMD on my domain Controller correctly but obviously I haven't as it should work. Any advice would be greatly appreciated.
My Eventviewer is throwing this error "The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server database_admin. The target name used was host/navsvr. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server."
It is wirth pointing out that I changed the SPN recently and now instead to failing instantly with "cannot login to sql on the database" error it now attempts to load for maybe 2 minutes failing on "A call to sspi-see inner exception"
I hope I have made this somewhat clear.
Thanks Again
Niall
I recently lost one of our servers and had to build a Microsoft Nav server from scratch. I have 3tiers on 3 computers. I have my Database tier, My NavSvr tier and My client tier. Currently on my new NavSvr I have Nav classic client and RTC working fine and connecting to the database, on my Client tier I have classic Client working fine but RTC is throwing me Various Errors. I am prettu sure I have narrowed this down to SPN and delegation issues but this is where I am stuck. As far as I am aware I have used the SetSpn CMD on my domain Controller correctly but obviously I haven't as it should work. Any advice would be greatly appreciated.
My Eventviewer is throwing this error "The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server database_admin. The target name used was host/navsvr. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server."
It is wirth pointing out that I changed the SPN recently and now instead to failing instantly with "cannot login to sql on the database" error it now attempts to load for maybe 2 minutes failing on "A call to sspi-see inner exception"
I hope I have made this somewhat clear.
Thanks Again
Niall
0
Comments