SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Login error - The login is from an untrusted domain and cannot be used with Windows authentication....


Login error - The login is from an untrusted domain and cannot be used with Windows authentication. (Microsoft SQL Server, Error: 18452)

Author
Message
aprathour.89
aprathour.89
SSC Eights!
SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)

Group: General Forum Members
Points: 848 Visits: 559
Hi All,

I am getting below error while trying to connect SQL from remote server. Local login is working fine. Can anyone help on this. Thanks in advance.

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. (Microsoft SQL Server, Error: 18452)



-----------------
Aditya Rathour
SQL DBA

Not Everything that is faced can be changed,
but nothing can be changed until it is faced.
Super Cat
Super Cat
Hall of Fame
Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)Hall of Fame (3.4K reputation)

Group: General Forum Members
Points: 3420 Visits: 2987
I would say from the limited information supplied. The request is coming from another domain which has no domain trust in place with the destination domain. Is there a domain difference? Between the source and destination.
Sue_H
Sue_H
SSC-Dedicated
SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)

Group: General Forum Members
Points: 33342 Visits: 9539

If by local login you mean using the same account you can log into the server itself then you may want to check the account on that server and make sure the account has the rights to "Access this computer from network" under Local Security Policy, User Rights

Sue




bmg002
bmg002
SSChampion
SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)

Group: General Forum Members
Points: 12943 Visits: 2370
I may be mistaken on this one, but I THINK the service account not being able to talk to AD can cause that problem too.
Might want to check that the SQL Service account can talk to the AD server.
aprathour.89
aprathour.89
SSC Eights!
SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)

Group: General Forum Members
Points: 848 Visits: 559
Talib123 - Monday, July 31, 2017 7:57 AM
I would say from the limited information supplied. The request is coming from another domain which has no domain trust in place with the destination domain. Is there a domain difference? Between the source and destination.

Thanks for replying.
Both the source and destination servers are in same domain.


-----------------
Aditya Rathour
SQL DBA

Not Everything that is faced can be changed,
but nothing can be changed until it is faced.
aprathour.89
aprathour.89
SSC Eights!
SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)

Group: General Forum Members
Points: 848 Visits: 559
Sue_H - Monday, July 31, 2017 10:52 AM

If by local login you mean using the same account you can log into the server itself then you may want to check the account on that server and make sure the account has the rights to "Access this computer from network" under Local Security Policy, User Rights

Sue

I am able to take RDP login on both the servers with same domain account, both servers are part of same domain. I can connect locally on each server but when trying to connect first one server's SQL in second server then its throwing error and vice-versa.


-----------------
Aditya Rathour
SQL DBA

Not Everything that is faced can be changed,
but nothing can be changed until it is faced.
Joe Torre
Joe Torre
SSCrazy
SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)

Group: General Forum Members
Points: 2903 Visits: 777
Do both servers have an SPN? If not Kerberos may not be able to pass your login token from one server to another. What is the error you get when trying to connect?

bmg002
bmg002
SSChampion
SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)

Group: General Forum Members
Points: 12943 Visits: 2370
Has this ever worked?
Is there a different SQL instance you can successfully connect to on the network from your local machine?
Sue_H
Sue_H
SSC-Dedicated
SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)SSC-Dedicated (33K reputation)

Group: General Forum Members
Points: 33342 Visits: 9539
Joe Torre - Tuesday, August 1, 2017 9:34 AM
Do both servers have an SPN? If not Kerberos may not be able to pass your login token from one server to another. What is the error you get when trying to connect?


This is what my guess would be as well.
Aditya - Check the SPNs for both of the servers. It's pretty easy to check using the tool from Microsoft:
Kerberos Configuration Manager for SQL Server

Sue



aprathour.89
aprathour.89
SSC Eights!
SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)SSC Eights! (848 reputation)

Group: General Forum Members
Points: 848 Visits: 559
Thanks All.
Special thanks to Joe Torre and Sue_H !

The issue was with the SPN. used Kerberos Configuration Manager for SQL Server to check SPN.
After registering SPNs the issue was resolved , and now I am able to connect SQL without issue from one another servers.

-----------------
Aditya Rathour
SQL DBA

Not Everything that is faced can be changed,
but nothing can be changed until it is faced.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum








































































































































































SQLServerCentral


Search