Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

local login to remote server mapping issues Expand / Collapse
Author
Message
Posted Wednesday, July 3, 2013 2:56 PM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Tuesday, April 1, 2014 3:46 PM
Points: 54, Visits: 239
I am trying to map a AD domain login on my server to a remote server login (a sql authenticated acct). I am not having in success. Am I missing something, is it even possible?

The purpose of this is to only allow users in the AD domain group to have access to the linked server, and those who are not in the AD group would be denied.
Post #1470241
Posted Wednesday, July 3, 2013 3:06 PM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Yesterday @ 11:55 AM
Points: 12,905, Visits: 32,165
yep, i'm confirming the same thing you are seeing,
i cannot map a domain group to a remote login, even if i know it exists as a login on the server.

i think you'll end up having to iterate thru the current members with xp_logininfo , and script out the grants for them them individually.
EXEC master..xp_logininfo @acctname = 'disney\dev',@option = 'members'     -- show group members




Lowell

--There is no spoon, and there's no default ORDER BY in sql server either.
Actually, Common Sense is so rare, it should be considered a Superpower. --my son


  Post Attachments 
NoLinkedServerADGroup.png (15 views, 95.75 KB)
Post #1470244
Posted Wednesday, July 3, 2013 3:28 PM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Tuesday, April 1, 2014 3:46 PM
Points: 54, Visits: 239
Yes, it only seems to work if the login is a local login meaning a sql authenticated account or an individual AD domain user. But when I try to use a AD domain Group, it doesn't work. There must be a work-around
Post #1470251
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse