The NAV community, including the ArcherPoint technical staff, is made up of developers, project managers, and consultants who are constantly communicating, with the common goal of sharing helpful information with one another to help customers be more successful.
As they run into issues and questions, find the answers, and make new discoveries, they post them on blogs, forums, social media...so everyone can benefit. We in Marketing watch these interactions and never cease to be amazed by the creativity, dedication, and brainpower we’re so fortunate to have in this community—so we thought, wouldn’t it be great to share this great information with everyone who might not have the time to check out the multitude of resources out there? So, the ArcherPoint Microsoft Dynamics NAV Developer Digest was born. Each week, we present a collection of thoughts and findings from NAV experts and devotees around the world. We hope these insights will benefit you, too.
We thought others might have the same issue Tim had setting up his server on Docker, so we’re sharing this internal conversation here for your benefit:
Tim: Hey all, I've been looking into Docker myself, but I'm puzzled what I'm missing when building my own Server 2016 to run Docker.
First, for background, I had begun on Azure and was able to load Tenerife and the first release of NAV 2018 with no problem. However, building my own 2016 server (on my VMWare), I'm running into domain problems. Currently I'm looking into gMSA. Does anyone know what Azure has that I'm missing in my own server 2016 build?
Kyle: Without knowing what your actual problem / error message is, not sure how to help. I have 2018 running in my own local Docker container
Windows 10 -> VMware 12 -> Server 2016 -> Docker - Server Core 2016 with NAV 2018
Tim: We'll drill in. I'm getting the following SQL Server error or errors: 18452,"28000",[Microsoft][SQL Server Native Client 11.0][SQL Server]Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
I am able to ping the container by name and IP. I installed SSMS and am able to access the NAV db using the IP address using the SA account.
Kyle: Inside the container itself, there is a directory c:\run. This has the PowerShell scripts that are executed when you first run an image to create a new container (after a pull).
It looks like navstart.ps1 has all of the specifications for authentication that is used. However, if you are making a stand-alone container that you pulled from Microsoft, it shouldn't be trying to locate a domain controller. Did you take your Azure container and copy it locally and that is what you are trying to run?
Tim: Nope, I didn't copy anything from the Azure container. It was a fresh pull on my local server. I haven't gone through the scripts yet, but wouldn't the authentication be declared in Freddy's new-navcontainer script?
Kyle: It would. My latest pull just worked without any modifications at all. Maybe destroy your container and image, and redo a pull from this:
docker pull microsoft/dynamics-nav:2018-rtm-na
Bill: Do you also have the infrastructure in place to support gMSA? Otherwise, you're looking at win auth hacks or SQL Server auth, NavUserPassword authentication.
Tim: What do I need beside a domain controller? Otherwise, I am in the process of using NavUserPassword authentication to test. No results yet though.
Kyle: If he is just pulling the vanilla NAV 2018 image, it shouldn't need or want anything for authentication. The NST and SQL server are on the same machine, so the only authentication you need is for the NAV clients.
Bill: I didn't see the need for that (a domain controller) for my personal Docker setup. gMSA is going to be useful for a team environment and managing many logins across multiple different Docker instances.
Server 2016 is the best environment for Docker on Windows if you can run it on your machine. However, most people will be stuck with Windows 10, which can be difficult. Managing networks across Hyper-V and Docker can be a nightmare if you try to use both.
Kyle: I have Server 2016 running inside of VMware running on Windows 10. Let me know if you need assistance. There are a couple of particular settings that have to be done in VMware to lie to the guest OS to think it is on real iron.
Tim: Kyle, about the real iron setting, are you talking about the "Virtualize Intel VT-x/EPT or AMD-V/RVI" setting, under Processors setting for VMWare. The one that handles nested vm's?
Kyle: Correct. That has to be turned on for Windows Server 2016 to think it is on real metal.
We hope you find this helpful! Stay abreast of what is new in the Microsoft Dynamics NAV community and at ArcherPoint by subscribing to our monthly newsletter, Better Business, by completing the form in our Resource Center.
If you are interested in NAV development, be sure to see our collection of NAV Development Blogs.
Read the "How To" blogs from ArcherPoint for practical advice on using Microsoft Dynamics NAV.