The Service Principal Name (Delegation) configuration has been set incorrectly

Hello Everyone,

We’re running BC14 on premise with the RTC and we use Windows Authentication.

I have one user working remotely who is getting an error when trying to open the BC client. The error is “The Service Principal Name (Delegation) configuration has been set incorrectly.” No one else has this problem.

We have confirmed that her VPN password matches her Windows Active Directory password. I also flushed her DNS which resolved this for one of our associates in the past, but it did not resolve the connection issue this time.

I changed her ClientUserSettings.config file to use “UserName” authentication instead of “Windows” authentication. This worked but she now has an extra step starting BC as it checks her ID and password.

Has anyone seen and resolved this issue before?

Lewis,

Is she logging into her computer using her username and password? I have seen a similar error message (but maybe not this same one) when someone uses their PIN or Fingerprint to login instead of their username and password.

The error message “The Service Principal Name (Delegation) configuration has been set incorrectly” can occur if there is an issue with the Service Principal Name (SPN) configuration in Active Directory. This error can also occur if the user does not have sufficient permissions to perform Kerberos delegation.

To troubleshoot this issue, you can try the following steps:

1. Check the SPN configuration for the user account in Active Directory. Make sure that the SPN is correctly set up for the account that the user is using to connect to BC.
2. Ensure that the user has sufficient permissions to perform Kerberos delegation. You can do this by checking the “Account is trusted for delegation” option in the user’s Active Directory account properties.
3. Check the user’s network connectivity. Ensure that the user’s VPN connection is working properly and that they can access the BC server.
4. Try resetting the user’s Windows password and VPN password to ensure that they match.
5. If the issue persists, you can try reinstalling the BC client on the user’s machine.

If the above steps do not resolve the issue, it may be necessary to escalate the issue to your IT team or Microsoft support for further assistance.

Thanks, Brad. The user is using facial recognition to log on to her laptop instead of her Windows AD ID and password, so that may likely be the issue.