I have a BizTalk project that needs to call a Windows service via NetTcp binding and am having some trouble. The service works fine locally when running under the NETWORK SERVICE account, but this is unacceptable for our UAT and Production Environments per IT staff, so I am trying to use a domain account that was given to me for said service. After changing to a domain account I started getting this error:
System.ServiceModel.Security.SecurityNegotiationException: A call to SSPI failed, see inner exception. ---> System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The target principal name is incorrect
After some quick googling I saw that I needed to set a service principal name and explicitly disable NTLM authentication so that Kerberos auth would be used for the domain account. So I used the setspn command for the domain account I am using, set AllowNTLM to false in the client-side WCF config and also set the Service Principal Name appropriately in the client WCF config, but am still getting the error. I’ve tried several different things, including changing the AllowedImpersonationLevel etc., but am still getting the error. I’m not sure if this is the appropriate place to ask the question, since it’s more than likely not a BizTalk-specific issue but rather a problem with WCF and the service, but figured I would ask here in case anyone else had run into the error.
The service that is being called is a Windows service running on a different machine in the same domain as the BizTalk server.