Robert klimes (9/19/2011)
I was able to add the login after I had failed-over the server to the other node.My investigation into this led me to another question. When trying to add the login through sql or SSMS and even searching for login in SSMS did not cause any traffic to active directory. I had found this by setting up a packet capture on the database server scanning for any traffic on ports 389,88,139.
So my question at this point would be: Does sql server cache active directory credentials for all its logins and all AD acount withing and group login? If so, is there any way to clear this cache?
Hmm, I always thought of it like this: SQL Server talks to Windows, which DOES cache authentication information. If Windows needs to talk to AD it will based on expiration criteria... could be wrong on this, would appreciate know this for sure if someone else has detailed knowledge of the internals.