Who is this article for?

Users who are encountering an error message on client launch.

Server accessis required.

When starting the Pentana Audit desktop client, you may see the following error:

"Security Support Provider Interface (SSPI) authentication failed. The server may not be running in an account with identity 'host/server.domain.com'. If the server is running in a service account (Network Service for example), specify the account's ServicePrincipalName as the identity in the EndpointAddress for the server. If the server is running in a user account, specify the account's UserPrincipalName as the identity in the EndpointAddress for the server."

This article will walk you through how to troubleshoot and resolve it.

1. Solution
   • ClickOnce
   • MSI or Xcopy

1. Solution

The solution to this error is to add the User Principle Name for the service to the client configuration, as follows.

First, get the client config file ready for editing.

If the client is distributed via ClickOnce:

1. At the application server, open App Manager.
2. Select the correct instance.
3. Go to the "Config" tab.

If you distribute the client via MSI or Xcopy, in your package source files, open the file vision.exe.config in a text editor.

Then, find each occurrence of <identity> and ensure that:

• • The section is uncommented (where Windows Authentication is used it will appear twice, where FBA or SSO via SAML are used it will appear three times).
  • The service user and AD domain are specified.
    For example, where my app pool service user is PentanaService, and the AD domain is TESTNET:

3. Save the file.

If ClickOnce is used, the client will pick up the new configuration when it starts. If you deploy via some other mechanism, you will need to deploy the new vision.exe.config.