September 26, 2014 at 6:55 am
Hi,
Has anyone tried to build a SQL server that has 2 Availability Groups, each with its own Listener (IP), and configure in such a way that :
* if a client connects to AG1 using IP1 it can only see and access the DB's in AG1
* and make it impossible if a client connects to IP2 to see or connect to any of the databases of AG1?
I know i can make the databases inaccessible by assigning differrents rights to UserAG1 / UserAG2 accounts, but if someone makes a mistake mistake and fumbles the User/AG combo in a connectionstring it is possible to login to a AG2 database using the AG1 endpoint.
I guess once the connection to an endpoint made it is global to the entire SQL instance.
I have been juggling AG's IP's and endpoints for some time now and cant get the separation i want without resorting to 🙂
Greets,
Theo
September 28, 2014 at 10:39 pm
I don't think it's possible. Though AG is at database level, the listener always connects to primary replica.
September 29, 2014 at 1:09 am
So it seems.... Alas!
September 29, 2014 at 1:01 pm
The listener always connects to the primary replica and based on the user connecting dictates the view they will see
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply