.NET
Microsoft Technologies based on the .NET software framework.
3,904 questions
SSO Problem: Works remote with IP-Adress but not with FQDN (non HTTP communication)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 63%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHJ%3C/text%3E%3C/svg%3E)
Hundgeburth, Jörg
1
Reputation point
We are using an application that runs as a service under an Active Directory service profile. With a UI I can log on to the service locally with SSO. If I start the UI remotely and enter the IP address of the service computer as the destination, the SSO login works from there. However, if I enter the FQDN as the destination, the connection will fail. The error message is:
"System.ServiceModel.Security.SecurityNegotiationException: Error in SSPI call, see internal exception. ---> System.Security.Authentication.AuthenticationException: Error in SSPI call, see internal exception. ---> System .ComponentModel.Win32Exception: The target principal name is incorrect"
I tried configuring an SPN, but can't find the correct parameters. The UI uses WCF to communicate with the service. I've found a bunch of information how to configure SPN for MSSQL or HTTP but nothing works.
Environment: Windows Server 2019, Windows 10, .NET-Framework 4.8, Active Directory
.NET
Sign in to answer