Securely query Active Directory

  • Hello SSC,

    I need to query Active Directory from a stored procedure, and have been successful with getting it set up - however, the only way I know how to get it working is to set up a Linked Server (OLE DB Provider for Microsoft Directory Services) with having an active directory user name & password specified under the "Be made using this security context" box.  When I put the credentials in for a valid Active Directory account, it works; however, the credentials get sent in plaintext over the network.

    Is there a secure method for querying Active Directory without needing to send the plaintext credentials over the wires?

    Thanks,

    Dan

  • Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

  • The problem with trying to query Active Directory using a query running in Management Studio is your credentials have to be passed from your computer, to the SQL Server, and then again to Active Directory to query it.

    If you setup the linked server on a database that is on your computer,  you can then use the option "Be made using the login's current security context".

    The other option is, if you are trying to automate queries against Active Directory, if SQL Server Agent service starts using a domain account, setup the linked server with the "...current security context" option on the server then the query will run successfully.

    I typically design and test the query on my local instance, then when it works the way I want, get it deployed to the server instance since I can't test the query there.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply