May 20, 2008 at 7:16 am
Here's hoping someone can help me with my latest configuration issue. I'm trying to get linked servers setup appropriately. The environment I am testing this in has 3 servers in the same domain. Server 1 is configured with Windows authentication and has the startup service account configured to use a system account. Server 2 and 3 are both configured using mixed mode authentication and have the startup service account as a domain account (domain\username). I can setup linked servers between servers 2 and 3 without issue, but cannot connect to server 1 from 2 or from 3. I think my main issue is not knowing the correct way to configure the linked servers going to server 1. I can provide any additional information that would be helpful, but any insight would be appreciated. Also, we are moving to an environment where all of our servers will be switched to windows authentication, so simply switching server 1 to mixed is not an option. Thanks!
May 27, 2008 at 8:20 pm
Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.
May 28, 2008 at 6:35 am
SQL ORACLE (5/27/2008)
Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.
Thanks for the response! Can you help me further, though? I'm trying to figure out EXACTLY how to set that up using linked servers and what criteria needs to be met for the domain account? For instance, does account delegation need to be enabled for this to occur? And do you know any specifics on how the linked server setup would be configured (via enterprise or SQL code)?
May 28, 2008 at 2:44 pm
Here is the outline of the setup
1. Create a domain account (You may ask your windows team to create it in the Active Directory);
2. Grant necessary permissions in these three SQL Servers;
3. Use sp_addlinkedserver to build the link between servers.
May 29, 2008 at 6:48 am
Thanks again! For this specific scenario, is it a requirement to have delegation enabled in active directory?
May 29, 2008 at 9:28 pm
No. SQL Server 2000 does not have the concept of delegation itself.
November 15, 2010 at 5:17 am
Hi,
I have read through your questions and answers to your linked server setup issue.
I too am having a similar problem with two servers that i am trying to link together. I have tested a dmain account connection with two sql 2005 servers and it is successful. When i do this with a sql 2005 to sql 2008 it is unsuccessful, however when i have tested from the sql 2008 server to the 2005 it is successful. The error message i am receiving from the 2005 to 2008 server is as follows : Msg 18456, Level 14, State 1, Line 1
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
I think there may be some sort of compatibility issue going on here. As it is only when im trying to access the 2008 from 2005 this error message appears. The other way is ok (2008 to 2005).
Any advice would be greatly appreciated.
Thanks in advance.
November 15, 2010 at 9:45 am
In your case, it is more than likely that the firewall on the 2008 server is stopping incoming. Turn off the firewall and test.
Chris Powell
George: You're kidding.
Elroy: Nope.
George: Then lie to me and say you're kidding.
November 17, 2010 at 4:12 am
Hi and thanks for your reply. I have checked the firewall and it is off. I have ensured that the user id that i have used when creating the linked servers is on both servers with identical permissions. The configuration i have setup for both linked servers also have the same security settings, so I'm at a loss with this. 🙁
November 17, 2010 at 4:35 am
as a first step, you can try creating i, linked server using sql authentication to ensure its not a firewall issue.
But looking at the error msg you have posted it looks like a typical SPN registration/Delegation error. For more details refer http://www.databasejournal.com/features/mssql/article.php/3696506/Setting-Up-Delegation-for-Linked-Servers.htm
Regards,
Raj
November 17, 2010 at 8:48 am
Thanks i will read this and feedback all my findings.:-)
Viewing 11 posts - 1 through 10 (of 10 total)
You must be logged in to reply to this topic. Login to reply