August 29, 2012 at 10:22 pm
hi everyone,
i need to consult this issue am having with linked server.
i setup a linked server from server1 to server2. currently there already N number of linked servers connecting to server2 from other sql servers. my problem is that my newly created (from my ssms on my pc) linked server from server1 to server2, it returns login failed for user 'null'. but when i try to connect to server1 via remote desktop, open up ssms, go to server objects and test the linked server connection, everything is working!
appreciate any help extended. i've been working on this for half a day now. btw, all sql are windows auth, and i'm using my domain account to login to remote desktop.
please help!
August 29, 2012 at 10:53 pm
Your issue is with 'double-hop' authentication. When you're logged onto Server1,you are able to authenticate directly to Server2, but when you are connected to Server1 via your PC (using your Windows credentials), in order to connect to Server2, Server1 needs to be authorised to delegate(forward) your credentials on to Server 2.
If you do a search in BOL, for 'double hop' you should find everything you need to get this up and running (with a little help from a friendly Domain Admin:-)). Pop back if you're still struggling.
August 29, 2012 at 11:59 pm
thanks much Clare for your reply,
i came across this post http://www.sqlservercentral.com/articles/Security/65169/ and i'm reading it now. will let you know what happens.
again, thanks!!!
September 20, 2012 at 11:17 am
The basic steps are:
Make sure that a SPN is created for both instances, and ensure that Kerberos is used when connection to the. the auth_scheme in sys.dm_exec_connections will say 'KERBEROS'. The SPN must be created on the account running the SQL Server services.
Allow delegation from from Server1 to Server2. This is done in AD, and I think it must be done by a Domain Admin.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply