Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Error message when you start Business Portal on a workstation: "Error: Service principal name (SPN) for user 'domain\user' not found in Active Directory"

Error message when you start Business Portal on a workstation: "Error: Service principal name (SPN) for user 'domain\user' not found in Active Directory"

Symptoms

When you start Business Portal in Microsoft Dynamics GP or in Microsoft Dynamics SL on a workstation, you receive the following error message:
Error: Service principal name (SPN) for user ‘domain\user' not found in Active Directory

↑ Back to the top

Cause

This issue occurs when the following conditions are true:
  • The virtual server is extended in SharePoint Central Administration.
  • Kerberos authentication is selected.
  • The Active Directory directory service is not configured to use Kerberos authentication.

↑ Back to the top

Resolution

To resolve this issue, use NTLM authentication instead of Kerberos authentication.

Note If you must use Kerberos authentication, visit the following Microsoft Web site for more information:
http://www.microsoft.com/windowsserver2003/technologies/security/kerberos/default.mspx
To enable NTLM authentication, follow these steps:
  1. On the server that is running Microsoft Internet Information Services (IIS), click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following command, and then press ENTER:
    cd Drive:\inetpub\adminscripts
    Note Replace Drive with the name of the hard disk drive on which Windows Server 2003 is installed.
  3. At the command prompt, type the following command, and then press ENTER:
    cscript adsutil.vbs get w3svc/xx/NTAuthenticationProviders
    Note Replace xx with the virtual server ID number. To determine the virtual server ID number, follow these steps:
    1. On the server that is running IIS, click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
    2. Expand the computer name, expand Web Sites, right-click the Web site on which you installed Business Portal, and then click Properties.
    3. Click the Web Site tab, and then click Properties next to the Active Log Format box.
    4. Note the path and file name of the .log file. The path and file name are similar to the following:
      W3SVCxx\exyymmdd.log
      In this path, xx represents the virtual server ID number.
  4. To enable NTLM authentication on the virtual server, type the following command at the command prompt, and then press ENTER:
    cscript adsutil.vbs set w3svc/xx/NTAuthenticationProviders "NTLM"
    Note Replace xx with the virtual server ID number that you noted in step 3.
  5. Restart IIS. To do this, follow these steps:

    1. Click Start, click Run, type cmd, and then click OK.
    2. At the command prompt, type iisreset, and then press ENTER.
    3. At the command prompt, type exit, and then press ENTER.
  6. Start Microsoft Internet Explorer on a workstation, and then type the following URL on the Address bar:
    http://xx/sites/businessportal
    Note Replace xx with the name of the server.

↑ Back to the top

Keywords: kberrmsg, kbmbspartner, kbsolomonbp, kbgreatplainsbp, kbmbsmigrate, kbprb, kb

↑ Back to the top

Article Info
Article ID : 914896
Revision : 1
Created on : 1/7/2017
Published on : 7/14/2012
Exists online : False
Views : 83