Linked server setup issue - Windows Authentication Configured SQl 2000 server to Mixed Authentication Configured SQL 2000 Server

  • Here's hoping someone can help me with my latest configuration issue. I'm trying to get linked servers setup appropriately. The environment I am testing this in has 3 servers in the same domain. Server 1 is configured with Windows authentication and has the startup service account configured to use a system account. Server 2 and 3 are both configured using mixed mode authentication and have the startup service account as a domain account (domain\username). I can setup linked servers between servers 2 and 3 without issue, but cannot connect to server 1 from 2 or from 3. I think my main issue is not knowing the correct way to configure the linked servers going to server 1. I can provide any additional information that would be helpful, but any insight would be appreciated. Also, we are moving to an environment where all of our servers will be switched to windows authentication, so simply switching server 1 to mixed is not an option. Thanks!

  • Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.

  • SQL ORACLE (5/27/2008)


    Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.

    Thanks for the response! Can you help me further, though? I'm trying to figure out EXACTLY how to set that up using linked servers and what criteria needs to be met for the domain account? For instance, does account delegation need to be enabled for this to occur? And do you know any specifics on how the linked server setup would be configured (via enterprise or SQL code)?

  • Here is the outline of the setup

    1. Create a domain account (You may ask your windows team to create it in the Active Directory);

    2. Grant necessary permissions in these three SQL Servers;

    3. Use sp_addlinkedserver to build the link between servers.

  • Thanks again! For this specific scenario, is it a requirement to have delegation enabled in active directory?

  • No. SQL Server 2000 does not have the concept of delegation itself.

  • Hi,

    I have read through your questions and answers to your linked server setup issue.

    I too am having a similar problem with two servers that i am trying to link together. I have tested a dmain account connection with two sql 2005 servers and it is successful. When i do this with a sql 2005 to sql 2008 it is unsuccessful, however when i have tested from the sql 2008 server to the 2005 it is successful. The error message i am receiving from the 2005 to 2008 server is as follows : Msg 18456, Level 14, State 1, Line 1

    Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

    I think there may be some sort of compatibility issue going on here. As it is only when im trying to access the 2008 from 2005 this error message appears. The other way is ok (2008 to 2005).

    Any advice would be greatly appreciated.

    Thanks in advance.

  • In your case, it is more than likely that the firewall on the 2008 server is stopping incoming. Turn off the firewall and test.

    Chris Powell

    George: You're kidding.
    Elroy: Nope.
    George: Then lie to me and say you're kidding.

  • Hi and thanks for your reply. I have checked the firewall and it is off. I have ensured that the user id that i have used when creating the linked servers is on both servers with identical permissions. The configuration i have setup for both linked servers also have the same security settings, so I'm at a loss with this. 🙁

  • as a first step, you can try creating i, linked server using sql authentication to ensure its not a firewall issue.

    But looking at the error msg you have posted it looks like a typical SPN registration/Delegation error. For more details refer http://www.databasejournal.com/features/mssql/article.php/3696506/Setting-Up-Delegation-for-Linked-Servers.htm

  • Thanks i will read this and feedback all my findings.:-)

Viewing 11 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic. Login to reply