Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.5K Microsoft Dynamics NAV
- 18.5K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 267 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 992 SQL General
- 384 SQL Performance
- 33 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 259 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
Options
Webservice access from outside of domain
lup83
Member Posts: 3
Hi
We've set up 3-tier environment using the webservice to gain access from a web-application which is not in the domain. We are however getting a "the login failed when connecting to the SQL-server".
When using the RTC client the SQL server can be accessed so we suppose our spn's are OK.
MSSQLSvc/SQL02
MSSQLSvc/SQL02.Domain.local:1433
DynamicsNAV/Navinas.Domain.local:7046
DynamicsNAV/NAVINAS:7046
http/NAVINAS
http/NAVINAS.domain.local
I've been trying to set up the httpcfg for the domain account running the
NAV service and NAV webservice
SID= S-1-5-21-66081788-624508030-944726268-1172
URL : http://+:7047/
ACL :
(A;;GX;;;S-1-5-21-66081788-624508030-944726268-1172)(A;;GX;;;WD)
URL : http://+:7047/DynamicsNAV/
ACL :(A;;GX;;;S-1-5-21-66081788-624508030-944726268-1172)(A;;GX;;;WD)(A;;GX;;;LS)
When accessing the webservices from the web server
http://navinas:7047/DynamicsNAV/WS//Services
I am prompted for a login and I can access the services only by using the Domain administrator account. All other logins fails.
Any suggestions would be appriciated
We've set up 3-tier environment using the webservice to gain access from a web-application which is not in the domain. We are however getting a "the login failed when connecting to the SQL-server".
When using the RTC client the SQL server can be accessed so we suppose our spn's are OK.
MSSQLSvc/SQL02
MSSQLSvc/SQL02.Domain.local:1433
DynamicsNAV/Navinas.Domain.local:7046
DynamicsNAV/NAVINAS:7046
http/NAVINAS
http/NAVINAS.domain.local
I've been trying to set up the httpcfg for the domain account running the
NAV service and NAV webservice
SID= S-1-5-21-66081788-624508030-944726268-1172
URL : http://+:7047/
ACL :
(A;;GX;;;S-1-5-21-66081788-624508030-944726268-1172)(A;;GX;;;WD)
URL : http://+:7047/DynamicsNAV/
ACL :
(A;;GX;;;S-1-5-21-66081788-624508030-944726268-1172)(A;;GX;;;WD)(A;;GX;;;LS)
When accessing the webservices from the web server
http://navinas:7047/DynamicsNAV/WS//Services
I am prompted for a login and I can access the services only by using the Domain administrator account. All other logins fails.
Any suggestions would be appriciated
0
Comments
Any sugestion? Thanks!
We got the problem solved by following these 3 steps.
1. In the middle tier group policy check following policy permissions. (This is optional but worth checking when still you get Delegation error)
Add these policies for this domain user under which NAV middle tier service runs.
A. “Enable this user and computer for delegation”
B. Run gpupdate /force in CMD prompt to update the policy.
2. Additionally you can also check the “UserAccountControl” flag value to 17367552
(TRUSTED_FOR_DELEGATION+TRUSTED_TO_AUTH_FOR_DELEGATION) according to following KB:
http://support.microsoft.com/kb/305144/en-us
3. We deleted the duplicate SPNs by running the commany SETSPN –X
Hopes it helps you!
xmlhttp.open('POST',Server_URL,FALSE,domain\user,password)
It is the task specific.. We use one account 4 one domain