Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 302 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 260 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
The service account has insufficient privileges to register service principal names
nasheer
Member Posts: 78
Dear Friends
I am setting up3 tier using cloud VM's, NAV app in one server, IIS on the second server & RDS on the 3rd.
As mentioned in the documentation, Enabled the 'ServiceLogonAccount' to register SPN on itself.
But event view i get the below message
'The service account has insufficient privileges to register service principal names in Active Directory.
Account: Domain\ServiceLogonAccount
Service principal names:
DynamicsNAV/ServerName:7045
DynamicsNAV/Servername.domain.com:7045'
Then i register SPN for the said manually,
setspn -a DynamicsNAV/ServerName:7045 ServiceLogonAccount
setspn -a DynamicsNAV/Servername.domain.com:7045 ServiceLogonAccount
eventhough the same message appears on the Event Viewer after restart the service.
Can you please help me on this?
Thanks & Regards
Nasheer.
I am setting up3 tier using cloud VM's, NAV app in one server, IIS on the second server & RDS on the 3rd.
As mentioned in the documentation, Enabled the 'ServiceLogonAccount' to register SPN on itself.
But event view i get the below message
'The service account has insufficient privileges to register service principal names in Active Directory.
Account: Domain\ServiceLogonAccount
Service principal names:
DynamicsNAV/ServerName:7045
DynamicsNAV/Servername.domain.com:7045'
Then i register SPN for the said manually,
setspn -a DynamicsNAV/ServerName:7045 ServiceLogonAccount
setspn -a DynamicsNAV/Servername.domain.com:7045 ServiceLogonAccount
eventhough the same message appears on the Event Viewer after restart the service.
Can you please help me on this?
Thanks & Regards
Nasheer.
0
Best Answer
-
kylehardin
Member Posts: 257
That service account (Domain\ServiceLogonAccount) will need to be granted access to write SPNs in Active Directory.Kyle Hardin - ArcherPoint5
Answers