RTC Delegation not working
dspace
Member Posts: 15
I have created a 3-tier setup. The server and SQLserver interact nicely, but when I try to run an RTC, I get a "login failed when connecting to SQlServer". I have setup SPNs on the ad server and have used dsa to setup delegation.
When I look at the event log after a failed attempt, it says that SQLServer did not allow access to MY domain username, not the delegated domain username. It's as if the delegation did not exist.
Any thoughts or suggestions? Thanks.
When I look at the event log after a failed attempt, it says that SQLServer did not allow access to MY domain username, not the delegated domain username. It's as if the delegation did not exist.
Any thoughts or suggestions? Thanks.
0
Comments
-
Are you using domain service accounts or network service?
t0 -
Domain account.0
-
Have you checked for duplicate SPN's?
If you have try going back to using a network service account, and see if you have the same issue...
t0 -
You can check for duplicate SPNs using Setpsn-x on the CMD Prompt...
t
EDIT : -
You can also set SQL server to dynamically generate SPN's.
I know it says SQL 2000 but this is the article I was sent to by an MS engineer on another issue, not tried it yet, but will do on my next install.
http://support.microsoft.com/kb/319723/en-us0 -
No duplicate SPNs.0
-
Can you try running this tool and see what it shows?
https://mbs.microsoft.com/partnersource ... zerNAV2009
t0 -
I'm not authorized to view that page, but if that is the Best Practices analyzer, I have run that and the only issue it shows is the Web Services service is stopped, which is true.0
-
Okay,
Flick it (NST) back to network service, reapply the Delegation based on <ComputerName>$. Don't worry about SPN's and give that a try....
t0 -
The problem with that is I originally had it setup with network service. I figured that would be quick and easy and I could move it later. It had the same problem then and I thought that maybe using a domain login would solve it - I was wrong. I guess I'll just have to wait for partner to get us on their schedule. I was hoping that I could try out some things ahead of time, but had no idea how fussy the install would be - you gotta love .net and ad and all the other related technologies
Thanks for your suggestions. I'll post the answer when we finally discover it.0 -
Try setting it to Network Service and follow the guidelines here in this MSDN Article for delegation
http://msdn.microsoft.com/en-us/library/dd568720.aspx
Ignore the SPN's.
Ensure that <ComputerName>$ is setup as a used in the SQL Database and that you have the listener as the default schema... as long as there is nothing crazy happening on your network it will work..
http://msdn.microsoft.com/en-us/library/dd568739.aspx
t0 -
dear dspace,
have you found any solution to this problem of yours?
we am also stuck the same way as you. please let us know.
thank you.
best regards,
Anish0 -
No luck yet, but am expecting some professional help in the next week or two. As soon as I have a solution, I will post it here.0
-
Dear dspace,
Just succeeded to connect the NAV database using the RTC over three computers.
Followed the steps given in the Walkthrough: Installing the Three Tiers on Three Computers ( http://msdn.microsoft.com/en-us/library/dd301254.aspx ). Used the default Network Service account as the service account of NAV Services. Then configured the OCL using the NAV Server computer as login, i.e., <Computer Name>$ (e.g.: DSCP25310$). Skipped the creation of spns (deleted the existing MSSQLSvc spns) and also the delegation part.
Connected the database (the demo database installed in the NAVSQL machine) with the classic client and added the Network Service account along with a Domain Account in the Windows Logins and assigned the roles Super to them. Also given full access to the domain account in the Service folder in the NAVServer machine where the NAV Service Tier is installed. Finally logged into the third machine with the Domain Account and started the RTC and it successfully connected to the database.
\:D/
Let me know if it solved your issue as well.
Best Regards,
Anish0
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 617 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 320 Dynamics CRM
- 111 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 990 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 35 Design Patterns (General & Best Practices)
- 1 Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1.1K General Chat
- 1.6K Website
- 83 Testing
- 1.2K Download section
- 23 How Tos section
- 252 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions