Webservice in DMZ returns Login failed with "login is from an untrusted domain"

rthswrthsw Member Posts: 73
edited 2019-01-30 in NAV Three Tier
Hi there,

we want to set up a nav web service in the DMZ for security reasons. This computer has no AD and is not a member of the domain.

On this computer I have installed the Navision-NST (Nav2015 / 8.0.41779.0) and the IIS.
I switched the NST to NavUserPassword, because he should later authenticate the Internet logg-ins in with name & password.

I've done this according to this guide
https://saurav-nav.blogspot.com/2013/11 ... ent_3.html
created a security certificate and entered the thumbprint.

In the login data I have given him a name & password, which also exists on the SqlServer.

I also tried leaving the domain empty, but Navision does not allow.
Navision also does not allow me to store a real domain user here because it can not check the data.
In the service control I also tried to re-enter the right user manually.
I can not add a domain user because Navision can not check the credentials. (Serer is not in the domain for security reasons).

As soon as I start the NST, he brings this error message (in German):
The login is from an untrusted domain and can not be used with Windows authentication.

On the SQL server it looks like this: (original, in english, not translated)
01/30/2019 12: 41: 21, Logon, Unknown, Login failed. The login is in an untrusted domain and can not be used with Windows authentication. [CLIENT: fe80 :: a825: e952: edcc: d7e6% 5]
01/30/2019 12: 41: 21, Logon, Unknown, Error: 18452 <c /> Severity: 14 <c /> Status: 1.

The SQL-Server is configured to mixed logins.

There is really no user displayed! Normally, the SQL server itself shows me the specific user in the logs.
And: I DON'T want a domain login and i DON'T want Windows Authentication.

He should log on to the SQL with the assigned name & password.
INSIDE the domain, too, I have another NST running on a domain member machine. It also has the thumbprint and user / password in the login data. He does that as normal as expected.

Connection Test:
I can create an ODBC data source on the DMZ computer and enter exactly the same user as I entered in the NST: Works! Means the connection itself between DMZ-computer and SQL_Server works, the authentication "itself" with the same user credentials works also. Nevertheless, the NST does not log on to the SQL.

Does anyone have a hint for me?
Sign In or Register to comment.