web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics GP (Archived) / GP Web Services: SOAP ...
Microsoft Dynamics GP (Archived)

GP Web Services: SOAP Security Negotiation

(0) ShareShare
ReportReport
Posted on by chadbruels 1,588

I have a client getting this error:

"SOAP security negotiation with 'http://<redacted>:48620/Dynamics/GPService/GPService' for target 'http://<redacted>:48620/Dynamics/GPService/GPService' failed. See inner exception for more details."

{"Security Support Provider Interface (SSPI) authentication failed. The server may not be running in an account with identity 'host/<redacted>. If the server is running in a service account (Network Service for example), specify the account's ServicePrincipalName as the identity in the EndpointAddress for the server. If the server is running in a user account, specify the account's UserPrincipalName as the identity in the EndpointAddress for the server."}

I am a bit green on configuring web services generally, so I don't know exactly where to go with this.

*This post is locked for comments

I have the same question (0)
  • Verified answer
    chadbruels Profile Picture
    chadbruels 1,588 on at

    My new understanding of this issue today is the exception listed above was received in the developer's IDE. However, we find this very common error in the web services exception console:

    The source was not found, but some or all event logs could not be searched.

    So we took the approach of elevating the eConnect service account to a local admin and performed a repair on the eConnect installation. You can find a write-up of this error at the Dynamics GP Land blog.

  • steveendow Profile Picture
    steveendow 2,281 on at

    Hi Chad,

    Do you recall if you found a resolution to the SOAP security negotiation error?

    I have a customer encountering this error when trying to use Scribe Online to connect to GP web services.

    Scribe is able to successfully connect if it uses the GP Web Services Service Host user account, but if we try to use a new domain user that was added via the GP Web Services Security Console, we get the same SOAP error.

    Message: Exception Type : InvalidConnectionException
    Message : SOAP security negotiation with 'http://<server>:48620/Dynamics/GPService/GPService' for target 'http://<server>:48620/Dynamics/GPService/GPService' failed. See inner exception for more details. 

    Message : Security Support Provider Interface (SSPI) authentication failed. The server may not be running in an account with identity 'CORP\GPScribeWebUser'. If the server is running in a service account (Network Service for example), specify the account's ServicePrincipalName as the identity in the EndpointAddress for the server. If the server is running in a user account, specify the account's UserPrincipalName as the identity in the EndpointAddress for the server. 

    I find it unlikely that the Web Services host user account is the only one that can be used to authenticate with GP Web Services, so I'm wondering how to get other Web Services accounts to authenticate.

  • chadbruels Profile Picture
    chadbruels 1,588 on at

    We had several actions taken that resulted in fixing this client's situation. Unfortunately I don't know that I can directly correlate any one of those actions with the security negotiation error. Let me take you through the timeline of our discoveries and actions.

    1. We discovered our old error-friend "the source was not found but some or all event logs could not be searched" was logged in the Web Services Exception Console. We added the eConnect service account to the local administrators group and tried running the operation again. We received the same error so we ran a repair on eConnect - and by mistake also ran a repair on Web Services.

    2. During the repair of Web Services we received the error "Failed to verify the security store SQL server. The selected database exists, but its owner is not a valid Windows user. Please provide a different database name." We found the database owner on the web services database was 'sa'. We changed the owner of the database to a Windows account and the repair succeeded. At this point running the client's call to web services resulted in valid business logic errors.

  • bcbisme Profile Picture
    bcbisme 6 on at

    We also are experiencing the same issue with Scribe and GP Web Services.  Did you ever resolve this issue?

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics GP (Archived)

#1
Community Member Profile Picture

Community Member 2

#2
mtabor Profile Picture

mtabor 1

#2
Victoria Yudin Profile Picture

Victoria Yudin 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans