Possibly, when PARTdataManager, PARTadmin > Index administration (Client) or 3Dfindit log in at the AppServer, problems occur.[80]
They could arise when the AppServer has been set up with Local System account and this has no sufficient rights. If needed, change to a Service user.
However, in this case also consider that the Service user needs to have additional ServicePrincipalName entries in the Active Directory. Following exemplary commands have to be executed on the customer side by the Domain-Admin:
setspn -U -S http/myhostname DOMAIN\myserviceuser setspn -U -S http/myhostname.my.domain.local DOMAIN\myserviceuser setspn -U -S http/myhostname:9022 DOMAIN\myserviceuser setspn -U -S http/myhostname.my.domain.local:9022 DOMAIN\myserviceuser setspn -U -S http/myhostname:9023 DOMAIN\myserviceuser setspn -U -S http/myhostname.my.domain.local:9023 DOMAIN\myserviceuser
Testing for the existence of the SPNs works as follows:
setspn -L DOMAIN\myserviceuser
If several domains are involved and functionality is not given despite these entries, following note is relevant:
https://support.microsoft.com/de-de/topic/updates-f%C3%BCr-die-tgt-delegierung-f%C3%BCr-eingehende-vertrauensstellungen-in-windows-server-1a6632ac-1599-0a7c-550a-a754796c291e