Re: Linked Servers

From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 11/09/05

  • Next message: Tibor Karaszi: "Re: Sql 2005 express edition information" 
    Date: Tue, 08 Nov 2005 20:30:53 -0700

    Mapping each user context to what? Sounds like the users are
    authenticated using their Windows credentials and mapping is
    set to their credentials so for their AD accounts, the
    setting for:
     Account is sensitive and cannot be delegated
    needs to be turned off or deselected.
    The server also needs to be trusted for delegation.
    You also need to check your protocols and listening ports.
    The books online article:
    Security Account Delegation
    has all of the requirements. If you are running on SP3 or
    higher, make sure you are referencing the updated help
    topic. You can also find it here:
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adminsql/ad_security_2gmm.asp

    -Sue

    On Tue, 8 Nov 2005 12:21:17 -0500, "Malcolm Klotz"
    <nonesuch23@online.nospam> wrote:

    >Hello,
    >
    >I am having trouble with creating a linked server (as simple as it should
    >be).
    >My Setup:
    >Server A: runs under a specific account, the account can be delegated, I
    >have used setspn on this machine (as per BOL), I have also created a linked
    >server to Server B (mapping each user context as they connect)
    >Server B: runs under the same account (which can be delegated), I have not
    >used setspn as I only want people to connect remotely from Server A.
    >
    >If I log onto Server A, run a query like select * from
    >serverb.database.owner.table everything runs fine, I can connect remotely,
    >now, here is the hitch:
    >
    >I work on Client machine C, when I try and run the same query that worked on
    >server A, I get:
    >
    >Msg 18452, Level 14, State 1, Line 1
    >Login failed for user '(null)'. Reason: Not associated with a trusted SQL
    >Server connection.
    >
    >What am I doing wrong?
    >
    >Appreciate any insight into this
    >
    >Malcolm.
    >

  • Next message: Tibor Karaszi: "Re: Sql 2005 express edition information"

    Relevant Pages

    • Re: 2003 Server Client/Delegation and Data Issues
      ... Did you also use F5 to update the AD UC console on the 2003, ... Win23K server to look for a unstarted services that may be needed, ... - Checked the delegation permissions on the OU ... I noticed that in the administrator account the ...
      (microsoft.public.windows.server.active_directory)
    • Re: Windows (Trusted) Authentication and SQL Server
      ... I can still run the application when logged in locally to the IIS machine, ... > The account whose credentials are being delegated must be a domain account ... > be marked in Active Directory as trusted for delegation. ... > Server) does not need to be marked as trusted. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • RE: Access denied ( From one site to another, that is in another server)
      ... You are running into a delegation issue here. ... remote resources on behalf of the client. ... from a one server to get to another server, the account credentials must be ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Windows (Trusted) Authentication and SQL Server
      ... The account whose credentials are being delegated must be a domain account ... The computer on which the delegation takes place ... Server) does not need to be marked as trusted. ... in to play is when an IE client connects to a web server. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Using NT Authentication with Linked Server
      ... You are running into a double hop (or delegation) scenario. ... User trying to connect to SQL Server is not sensitive and can be ... how to register SPNs for your SQL Service account). ... Use sp_addlinkedsrvlogin on the first linked server (server B in your ...
      (microsoft.public.sqlserver.security)
    • Quantcast