SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Accessing AD from SQL Server 2005 on Windows server 2003


Accessing AD from SQL Server 2005 on Windows server 2003

Author
Message
dave-dj
dave-dj
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1016 Visits: 1149
Hi hopefully someone can help me with this as well.

as above, I'm trying to query my LDAP server.

This is what I have setup:

I have access to our Active Directory and can view users and machines in active directory

- SQL Server 2005 Develper Edition installed on my machine.

- All services started.
SQL Server, SQL Server Agent, SSAS, SQL Server Browser, SQL Full Text Search & SQL Server VSS Writer all started as Local System
SSIS is started as Network Service

- OpenQuery is enabled
(I can run open query commands to other systems)

- I have defined a AD linked server as follows:
EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'

- Having configure the linked server I have run the following query:
select * from openquery
(ADSI,'SELECT cn, mail, co, distinguishedName, displayName
FROM "LDAP://DC=MyDOMAIN,DC=net" where objectClass = "User" ')

where the domain is MyDOMAIN.NET.

I get the error:


Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT cn, mail, co, distinguishedName, displayName
FROM "LDAP://DC=MyDOMAIN,DC=net" where objectClass = "User" " for execution against OLE DB provider "ADSDSOObject" for linked server "ADSI".



What is: MSSQLServerADHelper - should this be started??
How do I know if SQL Server is operating in Kerboros mode - where do I change it?
Have I missed anything else??

Sorry - I know this has been covered several times, but I' struggling to see what the issue is!

_____________________________________________________________________________
MCITP: Business Intelligence Developer (2005)
dave-dj
dave-dj
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1016 Visits: 1149
Hi hopefully someone can help me with this as well.

as above, I'm trying to query my LDAP server.

This is what I have setup:

I have access to our Active Directory and can view users and machines in active directory

- SQL Server 2005 Develper Edition installed on my machine.

- All services started.
SQL Server, SQL Server Agent, SSAS, SQL Server Browser, SQL Full Text Search & SQL Server VSS Writer all started as Local System
SSIS is started as Network Service

- OpenQuery is enabled
(I can run open query commands to other systems)

- I have defined a AD linked server as follows:
EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'



- Having configure the linked server I have run the following query:
select * from openquery
(ADSI,'SELECT cn, mail, co, distinguishedName, displayName
FROM "LDAP://DC=MyDOMAIN,DC=net" where objectClass = "User" ')

where the domain is MyDOMAIN.NET.

I get the error:

Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT cn, mail, co, distinguishedName, displayName
FROM "LDAP://DC=MyDOMAIN,DC=net" where objectClass = "User" " for execution against OLE DB provider "ADSDSOObject" for linked server "ADSI".




What is: MSSQLServerADHelper - should this be started??
How do I know if SQL Server is operating in Kerboros mode - where do I change it?
Have I missed anything else??

Sorry - I know this has been covered several times, but I' struggling to see what the issue is!

_____________________________________________________________________________
MCITP: Business Intelligence Developer (2005)
thorv-918308
thorv-918308
SSC Rookie
SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)

Group: General Forum Members
Points: 31 Visits: 240
.
thorv-918308
thorv-918308
SSC Rookie
SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)SSC Rookie (31 reputation)

Group: General Forum Members
Points: 31 Visits: 240
Correction to above post...

I had your issue, and managed a temp fix as below (at least it will work)....

In SSMS, browse to your linked server: ADSI.

Right-click ADSI, select properties, click "security" on left.
Change security from "Be made using login's current security context"
to-> "Be made using this security context"

Use a domain account (of same domain you are querying),
supply the password- which you would need to know.

UserName format: DOMAIN_NAME\USERNAME

Click OK.

Run queries supplied in above posts..

NOTE: this is not the proper solution, this will just highlight the fact that if this change works it means:
1) the security context under which SQL runs does not have permission to connect to the domain controller
2) you need to change SQL server service to use an account which does have permission to the domain controller
3) once option 2 is applied, change security back to "Be made using login's current security context"

Best of luck!
Hope you resolve the issue.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search