microsoft
AL Designer 10.0.687650 - Windows Authentication error
AL Designer 10.0.687650 is giving a error on download symbols on windows authentication endpoint. Downgrading to v9.5.674382 solves the error. Windows authentication in webclient works as intended so problem must be with ALD release.
Processing of message 'al/downloadSymbols' failed with error: 'The target principal name is incorrect.'
Details:
System.ComponentModel.Win32Exception (0x80090322): The target principal name is incorrect.
at System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatusPal& statusCode)
at System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob)
at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
at Microsoft.Dynamics.Nav.Deployment.Telemetry.TelemetryHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Telemetry\TelemetryHttpClientHandler.cs:line 62
at Microsoft.Dynamics.Nav.Deployment.Http.NavHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Http\NavHttpClientHandler.cs:line 35
at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)
at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerInfoApiClient.GetServerInfo() in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerInfoApiClient.cs:line 46
at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.QueryMetadata(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 153
at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.GetServerInfo(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 79
at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.SendRequest(IHttpClient client, SymbolReferenceSpecification reference) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 135
at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackage(IHttpClient client, SymbolReferenceSpecification specification, String directory, Boolean isSecondLevelDependency) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 172
at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackages(ImmutableArray1 references, String targetDir) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 61 at Microsoft.Dynamics.Nav.Deployment.ReferenceDownloader.NavDevServerPackageDownloader.DownloadPackages(ImmutableArray1 packages, String targetDirectory) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ReferenceDownloader\NavDevServerPackageDownloader.cs:line 32
at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.DownloadFiles(DownloadSymbolsRequest request, String cacheDirectory, ImmutableArray1 referencesToDownload) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 130 at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.ProcessRequestAsync(DownloadSymbolsRequest request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 98 at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.NavServerRequestHandler2.HandleAsync(T request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\NavServerRequestHandler.cs:line 40
at Microsoft.Dynamics.Nav.EditorServices.Protocol.MessageProtocol.RequestHandlerBase1.HandleAsync(JToken requestContents, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\MessageProtocol\RequestHandlerBase.cs:line 84 at Microsoft.Dynamics.Nav.EditorServices.Protocol.RequestRegistry.Process(Message message) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\Endpoints\RequestRegistry.cs:line 86 ' Details: System.ComponentModel.Win32Exception (0x80090322): The target principal name is incorrect. at System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatusPal& statusCode) at System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob) at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at Microsoft.Dynamics.Nav.Deployment.Telemetry.TelemetryHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Telemetry\TelemetryHttpClientHandler.cs:line 62 at Microsoft.Dynamics.Nav.Deployment.Http.NavHttpClientHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\Http\NavHttpClientHandler.cs:line 35 at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerInfoApiClient.GetServerInfo() in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerInfoApiClient.cs:line 46 at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.QueryMetadata(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 153 at Microsoft.Dynamics.Nav.Deployment.ApiClients.ServerRegistry.GetServerInfo(ConnectionOptions options, IEmitLogger logger) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\ServerRegistry.cs:line 79 at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.SendRequest(IHttpClient client, SymbolReferenceSpecification reference) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 135 at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackage(IHttpClient client, SymbolReferenceSpecification specification, String directory, Boolean isSecondLevelDependency) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 172 at Microsoft.Dynamics.Nav.Deployment.ApiClients.PackagesApiClient.DownloadPackages(ImmutableArray1 references, String targetDir) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ApiClients\PackagesApiClient.cs:line 61
at Microsoft.Dynamics.Nav.Deployment.ReferenceDownloader.NavDevServerPackageDownloader.DownloadPackages(ImmutableArray1 packages, String targetDirectory) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.Deployment\ReferenceDownloader\NavDevServerPackageDownloader.cs:line 32 at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.DownloadFiles(DownloadSymbolsRequest request, String cacheDirectory, ImmutableArray1 referencesToDownload) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 130
at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.DownloadSymbolsRequestHandler.ProcessRequestAsync(DownloadSymbolsRequest request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\DownloadSymbolsRequestHandler.cs:line 98
at Microsoft.Dynamics.Nav.EditorServices.Protocol.LanguageServer.Extensions.NavServerRequestHandler2.HandleAsync(T request, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\LanguageServer\Extensions\NavServerRequestHandler.cs:line 40 at Microsoft.Dynamics.Nav.EditorServices.Protocol.MessageProtocol.RequestHandlerBase1.HandleAsync(JToken requestContents, Int32 requestId, CancellationToken cancellationToken) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\MessageProtocol\RequestHandlerBase.cs:line 84
at Microsoft.Dynamics.Nav.EditorServices.Protocol.RequestRegistry.Process(Message message) in D:\a\1\s\source\Prod\Microsoft.Dynamics.Nav.EditorServices.Protocol\Endpoints\RequestRegistry.cs:line 86
Following. No notes of auth changes in Change Log. SPNs set up and valid, so something's changed!
Same here using AL Designer 10.0.687650. Setup/infrastructure hasn't been changed but since last Thursday we receive the same error message The target principal name is incorrect. when using Windows Authentication.
It appears there currently are two workarounds.
-
workaround: Downgrade "AL Language" vsCode Extension to Previous Version
Originally posted by @chp-Fiftytwo in https://github.com/microsoft/AL/issues/7187#issuecomment-1273229581 - What worked for us (we hadn't tried downgrading yet): Enable "Use NTLM Authentication" in the BC instance.
Yep, we use downgrade for now as we don't permit NTLM due to security issues. Hoping to get some traction @JesperSchulz ?
Yep, we use downgrade for now as we don't permit NTLM due to security issues. Hoping to get some traction @JesperSchulz ?
Will ask the right team for feedback on this issue.
It doesn't look like any progress has been made yet. @thloke, any idea when there will be bandwidth to pick this one up.
No, it's still in our queue. I can bump the priority since it's a regression from the previous major release.
To clarify, is this a problem with downloading symbols with just the AL Language extension, or is this to do with https://github.com/martonsagi/al-object-designer?
I'm assuming that this is about our AL Language extension based on the versioning number, but I'd like to double check this.
This problem occurs with just the AL Language extension installed. Any other extension does not seem to have any effect positive og negative.
We're looking into this now, but can't reproduce the issue internally. Can someone share the setup that they're using that reproduces the issue? Does this occur when using the docker insiders build? Or an installation from the DVD?
DVD installation with three-tier kerberos-based setup. Forced Kerberos auth over NTLM. Can discuss with you offline if you'd like to use and review an exact setup.
Sorry for the delay on getting back on this. We're still unable to reproduce this. If someone can do the following, it would be helpful:
- Enable verbose logging (
"al.editorServicesLogLevel": "verbose"in settings.json). - Repeat the scenario with the auth failure
- Get the editorServices.log file from
C:\Users\thloke\[username]\extensions\ms-dynamics-smb.al-[version number]\bin\win32 - Also get the information from
Get-NavServerConfiguration
You can email it to me directly at: [email protected]
Also I'd be happy to review exact setups to see what might be different internally.
Just send all info you requested. Process executed against a BC20 CU07. If I do this against the newest BC21.2 docker, I have the same result.
Regards, Benny
Hi, Any update? Since this is not affecting only "download symbols" but also "active debugging" (F5) I can't start to roll out BC21 OnPremise, this is becoming a problem for one of my clients. We are converting NAV2018 solutions, now I need to build BC20 hosts in stead of BC21. One of their solutions needs to run under a separate license (Dual Usage Rights), so I can only obtain a BC21 license from the CSP. Do we need to raise this issue thru the support contract to speed up things?
Unfortunately not, all I can say right now is that we're still looking into it. Things have been slow because of the holiday season. One thing that does come to mind though is setting useLegacyRuntime in your settings.json file might be one workaround. That one uses a different auth library.
Hi, useLegacyRuntime is not working. This is becoming a hugh problem. My customer wants to deploy BC21 onpremise with WindowsAuth & Kerberos. Not able to download symbols & debugging is not acceptable.
Good news, the fix is ready and will be available with the next version of vscode extension.
