Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Linked server setup issue - Windows Authentication Configured SQl 2000 server to Mixed...


Linked server setup issue - Windows Authentication Configured SQl 2000 server to Mixed Authentication Configured SQL 2000 Server

Author
Message
scott.ziesmer
scott.ziesmer
Forum Newbie
Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)

Group: General Forum Members
Points: 5 Visits: 60
Here's hoping someone can help me with my latest configuration issue. I'm trying to get linked servers setup appropriately. The environment I am testing this in has 3 servers in the same domain. Server 1 is configured with Windows authentication and has the startup service account configured to use a system account. Server 2 and 3 are both configured using mixed mode authentication and have the startup service account as a domain account (domain\username). I can setup linked servers between servers 2 and 3 without issue, but cannot connect to server 1 from 2 or from 3. I think my main issue is not knowing the correct way to configure the linked servers going to server 1. I can provide any additional information that would be helpful, but any insight would be appreciated. Also, we are moving to an environment where all of our servers will be switched to windows authentication, so simply switching server 1 to mixed is not an option. Thanks!
SQL ORACLE
SQL ORACLE
SSCommitted
SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)

Group: General Forum Members
Points: 1659 Visits: 1314
Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.
scott.ziesmer
scott.ziesmer
Forum Newbie
Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)

Group: General Forum Members
Points: 5 Visits: 60
SQL ORACLE (5/27/2008)
Since your three servers are in the same domain, you can use a domain account to link across each other among these three servers. You cannot use an SQL Server account to link Server 1.


Thanks for the response! Can you help me further, though? I'm trying to figure out EXACTLY how to set that up using linked servers and what criteria needs to be met for the domain account? For instance, does account delegation need to be enabled for this to occur? And do you know any specifics on how the linked server setup would be configured (via enterprise or SQL code)?
SQL ORACLE
SQL ORACLE
SSCommitted
SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)

Group: General Forum Members
Points: 1659 Visits: 1314
Here is the outline of the setup
1. Create a domain account (You may ask your windows team to create it in the Active Directory);
2. Grant necessary permissions in these three SQL Servers;
3. Use sp_addlinkedserver to build the link between servers.
scott.ziesmer
scott.ziesmer
Forum Newbie
Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)Forum Newbie (5 reputation)

Group: General Forum Members
Points: 5 Visits: 60
Thanks again! For this specific scenario, is it a requirement to have delegation enabled in active directory?
SQL ORACLE
SQL ORACLE
SSCommitted
SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)SSCommitted (1.7K reputation)

Group: General Forum Members
Points: 1659 Visits: 1314
No. SQL Server 2000 does not have the concept of delegation itself.
extremenovice
extremenovice
SSC-Enthusiastic
SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)

Group: General Forum Members
Points: 124 Visits: 1140
Hi,

I have read through your questions and answers to your linked server setup issue.

I too am having a similar problem with two servers that i am trying to link together. I have tested a dmain account connection with two sql 2005 servers and it is successful. When i do this with a sql 2005 to sql 2008 it is unsuccessful, however when i have tested from the sql 2008 server to the 2005 it is successful. The error message i am receiving from the 2005 to 2008 server is as follows : Msg 18456, Level 14, State 1, Line 1
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

I think there may be some sort of compatibility issue going on here. As it is only when im trying to access the 2008 from 2005 this error message appears. The other way is ok (2008 to 2005).
Any advice would be greatly appreciated.

Thanks in advance.
Meet George Jetson
Meet George Jetson
SSCrazy
SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)

Group: General Forum Members
Points: 2719 Visits: 1393
In your case, it is more than likely that the firewall on the 2008 server is stopping incoming. Turn off the firewall and test.

Chris Powell

George: You're kidding.
Elroy: Nope.
George: Then lie to me and say you're kidding.
extremenovice
extremenovice
SSC-Enthusiastic
SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)SSC-Enthusiastic (124 reputation)

Group: General Forum Members
Points: 124 Visits: 1140
Hi and thanks for your reply. I have checked the firewall and it is off. I have ensured that the user id that i have used when creating the linked servers is on both servers with identical permissions. The configuration i have setup for both linked servers also have the same security settings, so I'm at a loss with this. Sad
arr.nagaraj
arr.nagaraj
SSChasing Mays
SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)SSChasing Mays (632 reputation)

Group: General Forum Members
Points: 632 Visits: 1590
as a first step, you can try creating i, linked server using sql authentication to ensure its not a firewall issue.

But looking at the error msg you have posted it looks like a typical SPN registration/Delegation error. For more details refer http://www.databasejournal.com/features/mssql/article.php/3696506/Setting-Up-Delegation-for-Linked-Servers.htm

Regards,
Raj

http://Strictlysql.blogspot.com
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search