Login failed for user ''(null)'' in linked server
-
I have server A and server B.
Server A is on a Win XP machine, server 2 in WIN 2000 Server. My windows login is sysadmin on both SQL server A and B. The same win login is in local administrators group on both machines.
Both SQL servers use mixed authentication mode.
The service account on SQL Server A is my Windows account. On SQL Server B is another domain\user account. This windows account (domain\user) is a windows user on machine A and also a sysadmin on SQL Server on machine A.
I linked server B from server A using EM, server type='SQL Server'. No local login defined under Security tab, just checked 'Be made using login's current security account'. I can access server B from EM and Query analyzer if I log with my Windows login. So server B trusts my credentials when they come from server A.
I link the server A from server B using the same settings: No local login defined under Security tab, just checked 'Be made using login's current security account'. When I try to access from EM the server B I get "Login failed for user '(null)', Reason: not associated with a trusted connection.
I get the same message if I connect to server B with my win account in QA and I try to access server A. So it seems that:
a) my credentials are not good enough when they come from server B on server A;
or
b) the attempted connection doesn't use my credentials, but in this case which is the security context?
Is killing me because it looks pretty symmetrical but it doesn't work that way.
I tried to find some answers in previous postings on this forum, but with no luck.
I will be really happy if somebody will give me any idea.
Gabriela
-
Had similar experiences.
Try IP address of server A instead of name.
-
This sounds like a double hop issue. You're connecting using Windows authentication when coming from QA, right?
Are you still an NT 4 domain or an Active Directory domain?
K. Brian Kelley
@kbriankelley -
check this articles. you need to set up security account delegation
http://www.sql-server-performance.com/tb_kerberos_protocol_transition.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adminsql/ad_1_server_24tv.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adminsql/ad_security_2gmm.asp
-
This works if they are on an AD domain. There isn't delegation on NT 4. Hence the reason I asked the question.
K. Brian Kelley
@kbriankelley -
You are right brian. Need to verify whether it is NT or Active Directory.
-
it may be the dcom config of the xp machine.
at the run prompt type "dcomcnfg"
go to component services, then to my computer
right click my computer and choose properties
click the MSDTC tab
click security configuration
check network DTC access
check allow remote clients and allow inbound
make sure the DTC Logon Account is "NT AUTHORITY\NetworkService"
click OK
restart the MSDTC service
This will allow the local DTC service on the XP machine to interact with remote distributed transactions on the network. HTH
Cody Pack
MCSE Windows 2000
MCDBA SQL Server 2000
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply