You are viewing limited content. For full access, please sign in.

Question

Question

Directory Server SOAP security negotiation failed

Directory Server
Updated February 25, 2020
asked on February 24, 2020

Hey guys, we're trying to change the service accounts for all our LF services to a new domain account.  I've changed it for all the windows services and AppPools in IIS but I'm missing an endpoint for license manager and getting the following error when attempting to load the Directory Server. 

"SOAP security negotiation with 'http://XXXX/LicenseManager/service' for target 'http://XXXX/LicenseManager/service' failed.

I've changed the account for the endpoints located in the Directory Server folder and Directory Server/Web folder but i'm clearly missing one somewhere.  I can even see in event viewer that the service it's trying to call on is the old domain Administrator but just can't find the last place to specify the new domain service account.

Can anyone point me in the right direction?

0 0

Replies

replied on February 25, 2020

What version of LFDS are you running?

Please rerun the LFDS XmlEndpointUtility as an Administrator, taking special care to enter the following correctly:

  • The actual Fully Qualified Domain Name (FQDN) of the server LFDS/STS is on. Do not use a DNS alias. 
  • The actual User Principal Name (UPN) of your new AD service account in user@domain.com format.

That you are seeing a event viewer messages showing the service still registered under the old domain accounts suggests the original XmlEndpointUtility update did not take.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...