Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 


 
     
Recent Posts
   
Popular Topics
Home   
Search
    Members    Calendar    Who's On

Home » SQL Server 2005 » Administering » Kerberos SQL 2008 Linked Server to MSOLAP
Add to briefcase

Kerberos SQL 2008 Linked Server to MSOLAP Expand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
Greg Grow
Posted Thursday, April 23, 2009 3:24 PM
Say Hey Kid

Say Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey Kid

Group: General Forum Members
Last Login: Friday, May 17, 2013 9:01 AM
Points: 698, Visits: 733
Can someone please help me with the steps to allow for the "Double Hop" scenario using Linked Servers to MSOLAP.

Our Environment:
Computer A - SSAS (SQL 2008 64bit, uses a service account for log on)
Computer B - Has a Linked Server to Computer A (SQL Server 2008 Enterprise 64bit, uses a service account for log on)
Computer C - My Desktop with SSMS to test the linked server (2008 Developer 32bit)

When I open my SSMS session and connect to computer B to test the linked server it fails with the following error:

"Cannot set the initialization properties for OLE DB provider "MSOLAP.4" for linked server.. etc... etc... OLE DB provider for linked server returned message "The following system error occured: The system cannot find the file specified." Error 7373

Its interesting; if I log onto the host where the linked server is at with the same domain credentials, the test of the linked server works on the computer B host. And, it now works from my desktop computer C. Once I log off of Computer B, my computer C test begins to fail again. I am guessing that my credentials and profile is authenticating properly.

The Windows Adminsitrators say that everything is set up correctly with Kerberos and SPNs, but I still am not sure since I am unable to test successfully. Not sure what to try next.

Does anyone of have any lists or steps they used to get the double hop working from personal desktops?

Thanks
Greg G.


Post #703643
AShehzad
Posted Thursday, April 23, 2009 9:52 PM


SSC-Addicted

SSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-Addicted

Group: General Forum Members
Last Login: Thursday, May 09, 2013 4:30 AM
Points: 419, Visits: 738
The 7373 error code may refer to any errors in the ole db provider itself. Also you may check that ports for your server (1434 and 2383) are listening proper locally and externally.

=============================================================
Atif Shehzad
DBA PRAL
Post #703732
Greg Grow
Posted Friday, April 24, 2009 9:29 AM
Say Hey Kid

Say Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey Kid

Group: General Forum Members
Last Login: Friday, May 17, 2013 9:01 AM
Points: 698, Visits: 733
Thanks. I will have our network guy verify the ports are open. If I add Anonymous Users to the cube, they have access. I would imagine, that if the ports were having issues, it would prevent anonymous as well. We have a case with Microsoft open. Once I hear back from them, I will post the fix.


Post #704072
James Perry
Posted Monday, May 17, 2010 8:33 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Wednesday, May 08, 2013 1:46 AM
Points: 197, Visits: 174
Did you ever get this resolved. I have the same issue with SQL 2008 linked server to SSAS 2008. The linked server works fine on the server but when trying to activate it remotely get the cannot be intialized error. Also tried this on a test box where everything is local so SSAS and SQL on same server and again it works fine locally but from a client trying to use linked server it fails to initialise again.
Post #922937
Greg Edwards-268690
Posted Tuesday, May 18, 2010 6:25 AM


Right there with Babe

Right there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with Babe

Group: General Forum Members
Last Login: Today @ 7:22 AM
Points: 788, Visits: 5,189
You might look through a few articles like this to check your setup.
There's also a white paper our on Publishing Performance Point Server in an Extranet Environment that also applies to Sharepoint Server.
You don't give much details on your setup.
Here's a very Rough outline -
Servers and Service Accounts (Domain Account, not Local) need to be allowed to delegate.
SPN's need to be setup - takes Domain Admin.
If a web site is involved, this will need SPN's setup too.


http://support.microsoft.com/kb/319723



[url=http://msdn.microsoft.com/en-us/library/ee191523.aspx]

I also find setting this registry key on all machines helpful.
This forces Kerberos to use TCPIP instead of UDP.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters]
"MaxPacketSize"=dword:00000001

Greg E
Post #923503
Greg Grow
Posted Tuesday, May 18, 2010 11:36 AM
Say Hey Kid

Say Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey KidSay Hey Kid

Group: General Forum Members
Last Login: Friday, May 17, 2013 9:01 AM
Points: 698, Visits: 733
You may want to look around for the Double Hop issue. Once the SPNs were set up correctly, I didn't have any issues passing through authentication.

http://jesseorosz.spaces.live.com/Blog/cns!E322FD91218E57CF!329.entry


Post #923779
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse

 
 
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.