RPA Central repeatedly prompts for Users Credentials

  • 26 March 2021
  • 0 replies
  • 9 views
MRepetti
Userlevel 1
Badge +8

Issue

After RPA Central is installed, if the user tries to access it after setting the Certificate and URL, and it repeatedly prompts for the Users Credentials, this is because how we use Windows Authentication. It usually means the users Domain and Site URL do not match.

Active Directory

Domain

RPA Central requires Active Directory configured as described in the Pre-installation checklist  in the Microsoft Azure support section.

 

To check if a machine is connected to the Domain follow these steps:

 

Check Domain Controller

 

Azure AD

Supported:  Not officially, but it may work.

When Site URL doesn't match the Domain

If all of the following are true:

  • A customer wishes to make their RPA Central site accessible to other machines.
  • They want the site URL to differ from the domain itself (e.g. rpa.company.com  rather than hostname.company.local).
  • They want to interact with their RPA Central site from the machine on which it’s installed.
  •  

Resolution

Register the Service Principal Name (SPN)

You must register the SPN if you want:

  • To make Nintex RPA Central accessible from other machines.

  • The site URL to differ from the domain. For example, rpa.company.com instead of hostname.company.local.

  • To allow interaction with Nintex RPA Central from the machine on which it is installed.

In addition to installing the certificate for the site URL, perform the following actions by executing these commands in a command prompt window on the Nintex RPA Central machine:

Note: You must be a domain administrator or a user with the "Validated write to service principle name” permission to use these commands.

  • Get the hostname of the machine: Type hostname and press Enter.

  • Get the domain and username: Type whoami and press Enter.

  • Register the custom domain name service principal with the host: Type setspn -S HTTP/{siteUrl} {domain}{hostname} and press Enter.

  • List all SPNs: Type setspn -L {domain}{hostname} and press Enter.

  • Delete an SPN: Type setspn -D HTTP/{siteUrl} {domain}{hostname} and press Enter.

  • Purge all cached tokens after updating the SPN list: Type klist purge and press Enter.

Note: If you have the {siteUrl} registered with a different hostname or with a username, delete and purge it first before adding the correct SPN. Also, you may want to run the list command before and after setting the SPN.

 

 

0 replies

Be the first to reply!

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings