Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Another linked server login problem


Another linked server login problem

Author
Message
Carlaabanes
Carlaabanes
SSC Journeyman
SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)

Group: General Forum Members
Points: 82 Visits: 474
hi everyone,

i need to consult this issue am having with linked server.

i setup a linked server from server1 to server2. currently there already N number of linked servers connecting to server2 from other sql servers. my problem is that my newly created (from my ssms on my pc) linked server from server1 to server2, it returns login failed for user 'null'. but when i try to connect to server1 via remote desktop, open up ssms, go to server objects and test the linked server connection, everything is working!

appreciate any help extended. i've been working on this for half a day now. btw, all sql are windows auth, and i'm using my domain account to login to remote desktop.

please help!

Cheers! :-)
[url=http://coffeeandsql.com/][/url]
MissTippsInOz
MissTippsInOz
SSC Veteran
SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)SSC Veteran (289 reputation)

Group: General Forum Members
Points: 289 Visits: 597
Your issue is with 'double-hop' authentication. When you're logged onto Server1,you are able to authenticate directly to Server2, but when you are connected to Server1 via your PC (using your Windows credentials), in order to connect to Server2, Server1 needs to be authorised to delegate(forward) your credentials on to Server 2.

If you do a search in BOL, for 'double hop' you should find everything you need to get this up and running (with a little help from a friendly Domain Admin:-)). Pop back if you're still struggling.

Clare
_________________________________________________________________________________________________________________
Measure twice; cut once (and have a good saw)

Hey, just a thought.....did you check Books Online yet?
Carlaabanes
Carlaabanes
SSC Journeyman
SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)SSC Journeyman (82 reputation)

Group: General Forum Members
Points: 82 Visits: 474
thanks much Clare for your reply,

i came across this post http://www.sqlservercentral.com/articles/Security/65169/ and i'm reading it now. will let you know what happens.

again, thanks!!!

Cheers! :-)
[url=http://coffeeandsql.com/][/url]
Nils Gustav Stråbø
Nils Gustav Stråbø
SSCrazy
SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)SSCrazy (2K reputation)

Group: General Forum Members
Points: 2013 Visits: 3575
The basic steps are:

Make sure that a SPN is created for both instances, and ensure that Kerberos is used when connection to the. the auth_scheme in sys.dm_exec_connections will say 'KERBEROS'. The SPN must be created on the account running the SQL Server services.
Allow delegation from from Server1 to Server2. This is done in AD, and I think it must be done by a Domain Admin.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search