Options

Nav Client Tier SPN Issue

Hi All,

I recently lost one of our servers and had to build a Microsoft Nav server from scratch. I have 3tiers on 3 computers. I have my Database tier, My NavSvr tier and My client tier. Currently on my new NavSvr I have Nav classic client and RTC working fine and connecting to the database, on my Client tier I have classic Client working fine but RTC is throwing me Various Errors. I am prettu sure I have narrowed this down to SPN and delegation issues but this is where I am stuck. As far as I am aware I have used the SetSpn CMD on my domain Controller correctly but obviously I haven't as it should work. Any advice would be greatly appreciated.

My Eventviewer is throwing this error "The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server database_admin. The target name used was host/navsvr. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server."

It is wirth pointing out that I changed the SPN recently and now instead to failing instantly with "cannot login to sql on the database" error it now attempts to load for maybe 2 minutes failing on "A call to sspi-see inner exception"

I hope I have made this somewhat clear.
Thanks Again

Niall

Comments

  • Options
    kylehardinkylehardin Member Posts: 257
    The Best Practices Analyzer might help you - it is in the BPA folder in your NAV installation DVD. Run it on your NAV Service Tier system.
    Kyle Hardin - ArcherPoint
  • Options
    NiallRobertNiallRobert Member Posts: 2
    Thank you
Sign In or Register to comment.