NAV 2009 (all versions) 2 part delegation configuration enabling access to Network File Share over 3-tier configuration

NAV 2009 (all versions) 2 part delegation configuration enabling access to Network File Share over 3-tier configuration

  • Comments 0

In the RoleTailored client, operations such as RENAME and COPY fail if the destination for the file operation is not on the computer running Microsoft Dynamics NAV Server. One solution is to configure Microsoft Dynamics NAV Server to delegate on behalf of the RoleTailored client as described in this topic. In this case, you may also need to configure Microsoft Dynamics NAV Server to delegate to the cifs service on the destination computer. To avoid this complication entirely, define file operations so that the destination is always on the computer running Microsoft Dynamics NAV Server. You can then use a shared folder on the computer running Microsoft Dynamics NAV Server and share it with all users who require access to the files.

If you have deployed Dynamics NAV 2009 R2 in a 3-tier configuration then you can follow steps below.

Steps

In order to work with UNC link/Network share you must follow 2 stages of delegation the Middle Tier to the machine where the share is and choose the CIFS (Common Internet File System (CIFS) File Access Protocol or CIFS) from the list of services available, as per the images below on the three-tier environment:

STAGE 1

You need to delegate from the Middle Tier Service Account to the CIFS service running on the machine where the file share is located.

In the image above, the service account is called navservice under which the middle tier is running. The delegation has been setup for Service Type cifs on the machine where the file share is located; in this case the machine is called NAV-CLIENT.

(please ignore the fact that constraint delegation is missing. Image used to show CIFS)

 STAGE 2 

Set up Constraint delegation on the MACHINE ACCOUNT (machine name of NAV Server) of the NAV Server machine to the CIFS Service of the machine where the file share is located. It is the same process you followed earlier to add CIFS delegation for the Service Account but we are doing this now from NAV machine account to
Network Share destination machine account.

IMPORTANT!!

  • Once this change is has been made then please purge the ticket on the NAV Server machine using the Windows 2008 R2 command KLIST PURGE
  • Purge the ticket on the File Share machine if possible (Windows 2008 R2 same command as above or if it is a Windows 7 machine then you will need kerbtray.exe from this link)

It is paramount that you reboot the NAV Server and File Share Server after this change!

 

Best regards

Zeeshan Mehdi

The Microsoft Dynamics NAV Support team

Leave a Comment
  • Please add 3 and 3 and type the answer here:
  • Post