SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Login failed for user ''NT AUTHORITY\ANONYMOUS LOGON''. [SQLSTATE 28000] (Error 18456)


Login failed for user ''NT AUTHORITY\ANONYMOUS LOGON''. [SQLSTATE 28000] (Error 18456)

Author
Message
pureaqua
pureaqua
SSC Rookie
SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)SSC Rookie (38 reputation)

Group: General Forum Members
Points: 38 Visits: 43
Check this out:
http://blogs.msdn.com/sql_protocols/archive/2006/12/02/understanding-kerberos-and-ntlm-authentication-in-sql-server-connections.aspx
alen teplitsky
alen teplitsky
SSCrazy
SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)

Group: General Forum Members
Points: 2712 Visits: 4666
just had this happen to me

i'm setting up backup monitoring like in the article from a few weeks ago. not using a powershell script because i have some old clients. just setting up SQL jobs with the raw code. tried the code on my laptop and got the error. RDP'd into a server and tried it from there and it worked.

looked it up and it's the double kerberos jump like someone said earlier in the thread.
mcliffordDBA
mcliffordDBA
SSC-Enthusiastic
SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)

Group: General Forum Members
Points: 121 Visits: 891
I know this thread is old, but I am going to share what worked for me.

Disable all network Protocols execpt TCP/IP on the instance you are trying to make a linked server connection to. Bounce the service and make the linked server connection using current security context.


I make it a best pratice to on all installs to:
1. Disable the browser service.
2. disable all network protocols, but TCP/IP.
3. Change Defalut Port. (Setup Alias)
James Zimmerman
James Zimmerman
SSC Rookie
SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)SSC Rookie (37 reputation)

Group: General Forum Members
Points: 37 Visits: 302
I have overcome this problem by restarting my PC.
kmdeepika 44412
kmdeepika 44412
Forum Newbie
Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)

Group: General Forum Members
Points: 4 Visits: 19
Hi,
solution for this issue is give remote login user id and password in linked server properties.

1.Add linked server using sp_addlinkedserver 'server name'
2.Right Click -->Properties --> Security -->Add --> Give Remote User & password for Local Login
3.Below that u can find a text 'For a login not defined in the list above,Connection will' with four radio button options
Select last option - Be made using this security context Remote Login with password.

This simple solution worked for me.

Thanks
Deepika
andegre
andegre
SSC-Addicted
SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)

Group: General Forum Members
Points: 435 Visits: 460
I'd like to bring this topic back up because I don't quite understand the last post.

My background:
Application running on Windows 2003 server
ApplicationPool username is 'dotnetsysadmin'
My application opens a web browser which is an aspx page (I bring that up because I'm not sure if the app would be sending the "System.Current.Username", or whatever it is, or if it's 'dotnetsysadmin'
I've run these different versions of the sp_addlinkedsrvlogin script:

EXEC sp_addlinkedsrvlogin @rmtsrvname = N'labdevrpt', @useself = N'True', @locallogin = 'IDOT\dotnetsysadmin', @rmtuser = 'dotnetsysadmin'
EXEC sp_addlinkedsrvlogin @rmtsrvname = N'labdevrpt', @useself = N'False', @locallogin = 'IDOT\dotnetsysadmin', @rmtuser = 'dotnetsysadmin'



For the first of those, I get this error in my application:
An error occurred trying to retrieve the RDARS data. Check the ExceptionLog for more details. A SqlClient.SqlException happened in ExecuteFill! Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

And for the second, I get this error:
An error occurred trying to retrieve the RDARS data. Check the ExceptionLog for more details. A SqlClient.SqlException happened in ExecuteFill! Login failed for user 'dotnetsysadmin'.

The previous poster said to RightClick->Properties->Security->Add, then something after that, but where do I right-click? Or does anyone know how to fix this?

BTW - I've sent in a request to our DBA to run the 2nd version of that script while defining the username AND password, because our server team won't let us know what the application password is...
mcliffordDBA
mcliffordDBA
SSC-Enthusiastic
SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)

Group: General Forum Members
Points: 121 Visits: 891
Is this a web application?
Does the SQL Server you are trying to reach on the server or is it on another server?

If it is on another server I bet you are getting into a kerberos problem.

If you want to check your Keberos for a web server I found this utility great for troubleshooting my problems.

http://www.iis.net/community/default.aspx?tabid=34&g=6&i=1887
mcliffordDBA
mcliffordDBA
SSC-Enthusiastic
SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)SSC-Enthusiastic (121 reputation)

Group: General Forum Members
Points: 121 Visits: 891
Also, This is the way I run all of my SQL Instances and I don't have any problems with login issues. It may or may not be correct but it works well for me.

1. Enable TCP/IP Client protocol only. (Disable the rest)
--Change Port number
2. Alias the Instance name with the new port number. (This is the key)
3. Setup Alias on the agent so I can join my MSX/TSX Correctly.
4. When I create a linked server I use with trusted connections.
--Always make sure I alias the remote machine.
5. I always use AD Accounts/Groups to contorl my security. I never assign a local and/or group/AD Account security to remote login.
andegre
andegre
SSC-Addicted
SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)

Group: General Forum Members
Points: 435 Visits: 460
Matthew Clifford (10/12/2010)
Is this a web application?
Does the SQL Server you are trying to reach on the server or is it on another server?

If it is on another server I bet you are getting into a kerberos problem.

If you want to check your Keberos for a web server I found this utility great for troubleshooting my problems.

http://www.iis.net/community/default.aspx?tabid=34&g=6&i=1887


"Is it a web application" - Kind of. The part of the application that is trying to do the linkedserver query IS a web page.

The application runs from multiple application servers, then there is a SQL Server on a different server, then there is a 2nd SQL Server which is where my data resides (hence the linkedserver query). So I'm guessing it's the kerberos thing that you said, since the application and database are on different servers...I'll try your link.

Thanks
andegre
andegre
SSC-Addicted
SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)SSC-Addicted (435 reputation)

Group: General Forum Members
Points: 435 Visits: 460
Matthew Clifford (10/12/2010)
If you want to check your Keberos for a web server I found this utility great for troubleshooting my problems.

http://www.iis.net/community/default.aspx?tabid=34&g=6&i=1887


Unfortunately, I am running IIS 5.0 and this only works with 6 and 7. Damn!
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search