Webservice in DMZ returns Login failed with "login is from an untrusted domain"
rthsw
Member Posts: 73
Hi there,
we want to set up a nav web service in the DMZ for security reasons. This computer has no AD and is not a member of the domain.
On this computer I have installed the Navision-NST (Nav2015 / 8.0.41779.0) and the IIS.
I switched the NST to NavUserPassword, because he should later authenticate the Internet logg-ins in with name & password.
I've done this according to this guide
https://saurav-nav.blogspot.com/2013/11 ... ent_3.html
created a security certificate and entered the thumbprint.
In the login data I have given him a name & password, which also exists on the SqlServer.
I also tried leaving the domain empty, but Navision does not allow.
Navision also does not allow me to store a real domain user here because it can not check the data.
In the service control I also tried to re-enter the right user manually.
I can not add a domain user because Navision can not check the credentials. (Serer is not in the domain for security reasons).
As soon as I start the NST, he brings this error message (in German):
The login is from an untrusted domain and can not be used with Windows authentication.
On the SQL server it looks like this: (original, in english, not translated)
01/30/2019 12: 41: 21, Logon, Unknown, Login failed. The login is in an untrusted domain and can not be used with Windows authentication. [CLIENT: fe80 :: a825: e952: edcc: d7e6% 5]
01/30/2019 12: 41: 21, Logon, Unknown, Error: 18452 <c /> Severity: 14 <c /> Status: 1.
The SQL-Server is configured to mixed logins.
There is really no user displayed! Normally, the SQL server itself shows me the specific user in the logs.
And: I DON'T want a domain login and i DON'T want Windows Authentication.
He should log on to the SQL with the assigned name & password.
INSIDE the domain, too, I have another NST running on a domain member machine. It also has the thumbprint and user / password in the login data. He does that as normal as expected.
Connection Test:
I can create an ODBC data source on the DMZ computer and enter exactly the same user as I entered in the NST: Works! Means the connection itself between DMZ-computer and SQL_Server works, the authentication "itself" with the same user credentials works also. Nevertheless, the NST does not log on to the SQL.
Does anyone have a hint for me?
we want to set up a nav web service in the DMZ for security reasons. This computer has no AD and is not a member of the domain.
On this computer I have installed the Navision-NST (Nav2015 / 8.0.41779.0) and the IIS.
I switched the NST to NavUserPassword, because he should later authenticate the Internet logg-ins in with name & password.
I've done this according to this guide
https://saurav-nav.blogspot.com/2013/11 ... ent_3.html
created a security certificate and entered the thumbprint.
In the login data I have given him a name & password, which also exists on the SqlServer.
I also tried leaving the domain empty, but Navision does not allow.
Navision also does not allow me to store a real domain user here because it can not check the data.
In the service control I also tried to re-enter the right user manually.
I can not add a domain user because Navision can not check the credentials. (Serer is not in the domain for security reasons).
As soon as I start the NST, he brings this error message (in German):
The login is from an untrusted domain and can not be used with Windows authentication.
On the SQL server it looks like this: (original, in english, not translated)
01/30/2019 12: 41: 21, Logon, Unknown, Login failed. The login is in an untrusted domain and can not be used with Windows authentication. [CLIENT: fe80 :: a825: e952: edcc: d7e6% 5]
01/30/2019 12: 41: 21, Logon, Unknown, Error: 18452 <c /> Severity: 14 <c /> Status: 1.
The SQL-Server is configured to mixed logins.
There is really no user displayed! Normally, the SQL server itself shows me the specific user in the logs.
And: I DON'T want a domain login and i DON'T want Windows Authentication.
He should log on to the SQL with the assigned name & password.
INSIDE the domain, too, I have another NST running on a domain member machine. It also has the thumbprint and user / password in the login data. He does that as normal as expected.
Connection Test:
I can create an ODBC data source on the DMZ computer and enter exactly the same user as I entered in the NST: Works! Means the connection itself between DMZ-computer and SQL_Server works, the authentication "itself" with the same user credentials works also. Nevertheless, the NST does not log on to the SQL.
Does anyone have a hint for me?
0
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 617 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 320 Dynamics CRM
- 111 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 990 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 35 Design Patterns (General & Best Practices)
- 1 Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1.1K General Chat
- 1.6K Website
- 83 Testing
- 1.2K Download section
- 23 How Tos section
- 252 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions