NavXtender Web Service Authentication 401
This type of issue can be resolved via configuring some settings in IIS.This includes:
- Enable Anonymous Authentication with the IUSR.
- Enable Windows Authentication, NTLM needs to be first provider.
- Enable Kernel-mode authentication and Accept Extended Protection.
Open IIS on the server / machine that NAV is hosted on.
Now go into the features of Authentication:
Enable Anonymous Authentication with the
Enable Windows Authentication, then Right-Click to set the Providers.
NTLM needs to be first (Move Up to the top)
Next, check that under Advanced Settings… the Extended Protection is Accept and Enable Kernel-mode authentication is CHECKED:
IIS service and NAV service may require restart for changes to take effect. Web Service should now connect.
If a 401 continues after IIS changes and reboot, enable NavXtender logging and check if the error message ‘The target principal name is incorrect‘. In this case, ‘NTLM Authentication‘ will need to be enabled on the Nav Service as found in the NAV Administration Console.
NOTE, adjusting this NAV service setting may effect other programs that rely on that service (eg: Shop Floor Insight), in which case a new service should be created pointing to the same DB, just with different service name and SOAP port. Then point the NavXtender webservice to the new service.
IIS service and NAV service may require restart for changes to take effect.
For more information, and credit for the solution see: https://stackoverflow.com/a/27828132