March 8, 2002 at 12:48 pm
Hello everyone,
I have created a linked server between 2 of my SQL 7 boxes, and I'm getting an error when I establish the security for the logins. Both of the boxes have the same logins and passwords. So I figure impersonate the logins. No problem except that the NT logins don't work when impersonated. The SQL logins work just fine. It should be noted, I guess, that both boxes allow mixed authentication.
Has anyone else experienced this and is there a work around. I checked out BOL and the only example I saw of NT logins in a linked server situation was mapped to a SQL login on the remote box.
Thanks,
Jason
March 8, 2002 at 12:56 pm
First both the servers have to be on the same domain (unless I missed something) as when the login occurrs it is passed as (AUTHENTICATOR\LOGINNAME) what you want is DOMAINNAME\LOGINNAME to pass. Then all you have to do is setup either straight accounts or groups and create logins in SQL. When you get there you should be able to see right off.
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 8, 2002 at 1:00 pm
First off, both servers are in the same domain. Sorry, I should have mentioned that before.
Secondly, are you saying that one NT Login can't be mapped to the same NT Login on a remote box; it has to be mapped to a group or single SQL login?
Jason
March 8, 2002 at 1:07 pm
No they can map but you still have to grant access via an NT authenication login account on the other SQL server. Once they have been granted access should work just fine if they are on the same domain.
Open EM and drill to Security and logins
There do create login and create a login account for either a SQL Login or and NT Auth Login (which can cover 1 user or if all have the same permissions create an NT User Group and put the folks in that but assign the group to the SQL account, makes for easier admin).
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 8, 2002 at 1:25 pm
Okay, I think I'm starting to get it now. The NT logins have to be in the same domain as the servers; otherwise, I will have to create a SQL login to map them to (with the appropriate permissions). Is this a correct understanding?
Jason
March 8, 2002 at 3:33 pm
Yes, sounds right.
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 11, 2002 at 9:06 am
Thanks for your help !! I got it to work!
Jason
March 11, 2002 at 1:10 pm
Great to hear. Was there anything off from what I stated you had to do in case someone else sees this thread with the same problem?
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 11, 2002 at 1:18 pm
No, I think your solution and advice was right on.
Jason
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply