November 16, 2011 at 9:47 am
I am setting up a linked server between two servers on my domain.
I am using impersonate, so that its my own account that is used on the linked server.
I set up both servers to use kerberos and confirmed its working (both servers running under domain accounts).
im logged into my desktop pc, via my domain account.
Now, when i try to query tables via the linked server i get the error:
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
I set up kerberos initially to get over this yet its still an issue. anyone able to help here?
Thanks.
November 16, 2011 at 10:02 am
It was a BUG in SS2K5 and MS claims it to be fixed. Time to re-open the defect I guess 😉
November 16, 2011 at 1:31 pm
Would a bug of this scale ( its pretty big IMO that you cannot use linked servers with Windows Logins over Kerberos) go unfixed since sql server2000? Im using sql server 2008 R2 enterprise.
November 16, 2011 at 1:48 pm
Kerberos authentication was likely set up. Was Kerberos delegation configured? This is required to go through the linked server connection to another SQL Server using the passed Windows credentials. If not, this whitepaper discusses how to do so for the linked server scenario.
How to Implement Kerberos Constrained Delegation with SQL Server 2008
K. Brian Kelley
@kbriankelley
November 16, 2011 at 2:02 pm
K. Brian Kelley (11/16/2011)
Kerberos authentication was likely set up. Was Kerberos delegation configured? This is required to go through the linked server connection to another SQL Server using the passed Windows credentials. If not, this whitepaper discusses how to do so for the linked server scenario.How to Implement Kerberos Constrained Delegation with SQL Server 2008
Sorted! Thanks a Mil Brian! It was all about the delegation! Funny, ive been googling this issue for a few hours and not once did delegation come up as the cause of the issue. most peole just settled for sql authentication and left it at that.
Thanks again Brian!
November 17, 2011 at 12:34 am
winston Smith (11/16/2011)
Would a bug of this scale ( its pretty big IMO that you cannot use linked servers with Windows Logins over Kerberos) go unfixed since sql server2000? Im using sql server 2008 R2 enterprise.
It was a TYPO. SS2K --> SS2K5 (edited below)
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply