Post reply

Create linked Server using the login current security context (Active Directory)

  • August 12, 2016 at 3:56 pm

    #316158

    Hello

    I'm have trouble setting up a linked server to use the logins current security context.

    We use active directory accounts as windows logins

    I can get the linked server to work for a remote login. However we want to keep our security tight.

    When I select Be Made using the logins current security context, I get a error --- Login failed for user NT Autority\Anonlymous Logon. I'm an admin on both the local and remote SQL Servers.

    Any help appreciated!

    Mitch Small

  • August 14, 2016 at 11:03 am

    #1895355

    The Linked Server makes the login do a double-hop. If the kerberos configuration is not in place you will get an error similar to what you get. Usually the Database Engine service account does not have a Service Provider Name (SPN) registered. There are some articles at Microsoft, e.i. "Register a Service Principal Name for Kerberos Connections" (https://msdn.microsoft.com/en-us/library/ms191153.aspx).

    Kerberos configuration can give you a lot of headache, but when you get it right it gives you at lot of secure possibilities.

    /Niels Grove-Rasmussen

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply