Linked Server Not using Domain Users
-
I have two servers that should be linked.. and we want to use a domain user ID to link then. But when I put in <Doman Name>\<user ID> and then the password.. it fails login.
I can use this user to log into the server I am trying to link to.. so I know that works...
I can also use a SQL server user, from the server I am linking to .. and that works.. but for some reason the Doman user is not.
-
dwilliscp (8/22/2012)
I have two servers that should be linked.. and we want to use a domain user ID to link then. But when I put in <Doman Name>\<user ID> and then the password.. it fails login.I can use this user to log into the server I am trying to link to.. so I know that works...
I can also use a SQL server user, from the server I am linking to .. and that works.. but for some reason the Doman user is not.
I think you need to map to a SQL login instead.
i'm under the impression that you cannot pass a windows user/password combination to a linked server; it doesn't login per se; what the linked server expects is the windows name so it can check if the user has a valid token or not from the domain server.
so when you create a linked server, and select "be made using the logins current security context", it's the windows users token that is used to test for permissions ont he remote server.
Lowell
--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible! -
I found the following interesting.. it seems to state you can use windows passwords in the upper section, but when you get to the bottom of the box you can not..
Microsoft's website lists..
http://msdn.microsoft.com/en-us/library/ff772782.aspx
Local login
Specify the local login that can connect to the linked server. The local login can be either a login using SQL Server Authentication or a Windows Authentication login. Use this list to restrict the connection to specific logins, or to allow some logins to connect as a different login.
Be made using this security context
Specify that a connection will be made using the login and password specified in the Remote login and With password boxes for logins not defined in the list. The remote login must be a SQL Server Authentication login on the remote server.
-
However since we were using the bottom section..not top.. domain accounts will not work. Thanks for your help.
-
dwilliscp (8/22/2012)
However since we were using the bottom section..not top.. domain accounts will not work. Thanks for your help.I learned something here too; I didn't think impersonation was allowed, but now I know how;
great to know.
thanks!
Lowell
--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible! -
oh god, we are moving to windows authentication now, what to do?
Regards
Durai Nagarajan
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply