We have upgraded our environment from v8.6 to v10.1.
While upgrading personalization server, we have got prompt as in it will overwrite any application on default website. We selected yes and completed our installation.
Upgraded schema as well, everything went fine and working fine.
When I access default website with localhost or with server hostname, I am able to access PersOps. However when I try to access it via our GSLB URL it is asking for credentials even after providing right credentials it keep prompting for it and ended with error "Not Authorized, HTTP Error 401. The requested resource requires user authentication."
We have configured the "PWCAPI" and "PWC" pools to use network load balancer account as per load balancer best practice guide.
Even correct SPN's are created for load balance account because our personalization is working fine.
There are no any security configuration done at LB end. Our communication from end machine to GSLB is HTTPS and from GSLB to servers HTTP with SSL offloading.
As soon as I change "useAppPoolCredentials" to "true" it does not work with hostname also from another machine.
I have tried doing following changes in IIS for default web site and PWCAPI,
- changing "useKernalMode" to true or false
- Using Anonymous authentication for all pools
- Changing/toggling Windows Authentication providers to "NTLM" only or "Negotiate"
So basically we are trying to make available PersOps to our SD team as a replacement of EMBI, however it is not accessible via LB VIP URL.
Any quick help will be appreciated.