You’re offline. This is a read only version of the page.
100
Dynamics AX 2012 client uses WCF services to run SSRS reports (located in SSRS server). This WCF component uses negotiate authentication, it first tries kerberos, if that fails then it tries NTLM authentication.
About kerberos:
http://technet.microsoft.com/en-us/library/dd560679%28WS.10%29.aspx
When WCF client starts to authenticate it asks its own domain controller: where I can get kerberos ticket for the AX (AOS) service? If its own domain controller (AX client located in different domain than AOS and SSRS servers - 2-way AD trust between them). = Domain controller located in the same domain where the client is located answers: you cannot get kb ticket from me but I know where you can get it. You can get it from domain where the AOS and SSRS servers are. Client starts to query ticket from that domain controller. If kerberos ports are closed in firewall then AX client shows infolog: SSPI error (when running SSRS report).
If kerberos ports are open in firewall and kerberos authentication (spn) is not configured then client continues authentication in NTLM to authenticate in AOS/SSRS servers. If kb is properly configured (AOS, SSRS) then it uses kerbertos.
*This post is locked for comments
I have the same question (0)
Hi,
Please don't use this forum to share blog posts. You can use this link to request a space for your blogs on the community:
community.dynamics.com/.../136.request-a-new-blog-or-blog-to-syndicate.aspx
Share
Report
All responses (
Answers (
