Issues connecting to SQL Server using Windows Authentication
-
Hello,
I am trying to connect a (Win7) client my the sql server instance.
SQL server 2012 (11.0.2100) was installed on a virtual server running Windows server 2012 r2. Mixed mode was chosen during installation and also added current user (windows server user). In the sql server properties, server authentication is set to SQL Server and Windows Authentication mode. TCP/IP is enabled and set to port 1433. Windows firewall is disabled.
When logged into the virtual server (TESTBOX), the sql services run fine and i can connect to the db and run queries, etc...
So today, I installed SSMS on my windows 7 client (win7 client and virtual server are on same machine ) and am trying to connect to the SQL12_TEST1 instance on the VS.
I am able to connect to the db instance using SQL server authentication with the sa account.
but I cannot connect using windows authentication:
the user name is greyed out. jason-pc\jason is my win7 computer name and login. when i connect with this i get:
The sql server error log shows:
2019-06-14 11:02:15.11 Server Microsoft SQL Server 2012 - 11.0.2100.60 (X64)
Feb 10 2012 19:39:15
Copyright (c) Microsoft Corporation
Enterprise Evaluation Edition (64-bit) on Windows NT 6.2 <X64> (Build 9200: ) (Hypervisor)
2019-06-14 11:02:15.12 Server (c) Microsoft Corporation.
2019-06-14 11:02:15.12 Server All rights reserved.
2019-06-14 11:02:15.12 Server Server process ID is 4236.
2019-06-14 11:02:15.12 Server System Manufacturer: 'VMware, Inc.', System Model: 'VMware Virtual Platform'.
2019-06-14 11:02:15.12 Server Authentication mode is MIXED.
2019-06-14 11:02:15.12 Server Logging SQL Server messages in file 'C:\Program Files\Microsoft SQL Server\MSSQL11.SQL12_TEST1\MSSQL\Log\ERRORLOG'.
2019-06-14 11:02:15.12 Server The service account is 'NT Service\MSSQL$SQL12_TEST1'. This is an informational message; no user action is required.
2019-06-14 11:02:15.12 Server Registry startup parameters:
-d C:\Program Files\Microsoft SQL Server\MSSQL11.SQL12_TEST1\MSSQL\DATA\master.mdf
-e C:\Program Files\Microsoft SQL Server\MSSQL11.SQL12_TEST1\MSSQL\Log\ERRORLOG
-l C:\Program Files\Microsoft SQL Server\MSSQL11.SQL12_TEST1\MSSQL\DATA\mastlog.ldf
2019-06-14 11:02:15.12 Server Command Line Startup Parameters:
-s "SQL12_TEST1"
2019-06-14 11:02:15.21 Server SQL Server detected 2 sockets with 1 cores per socket and 1 logical processors per socket, 2 total logical processors; using 2 logical processors based on SQL Server licensing. This is an informational message; no user action is required.
2019-06-14 11:02:15.21 Server SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.
2019-06-14 11:02:15.21 Server Detected 2047 MB of RAM. This is an informational message; no user action is required.
2019-06-14 11:02:15.21 Server Using conventional memory in the memory manager.
2019-06-14 11:02:15.31 Server This instance of SQL Server last reported using a process ID of 4564 at 6/14/2019 11:02:08 AM (local) 6/14/2019 3:02:08 PM (UTC). This is an informational message only; no user action is required.
2019-06-14 11:02:15.31 Server Node configuration: node 0: CPU mask: 0x0000000000000003:0 Active CPU mask: 0x0000000000000003:0. This message provides a description of the NUMA configuration for this computer. This is an informational message only. No user action is required.
2019-06-14 11:02:15.31 Server Using dynamic lock allocation. Initial allocation of 2500 Lock blocks and 5000 Lock Owner blocks per node. This is an informational message only. No user action is required.
2019-06-14 11:02:15.34 Server Software Usage Metrics is disabled.
2019-06-14 11:02:15.34 spid7s Starting up database 'master'.
2019-06-14 11:02:15.39 spid7s Resource governor reconfiguration succeeded.
2019-06-14 11:02:15.39 spid7s SQL Server Audit is starting the audits. This is an informational message. No user action is required.
2019-06-14 11:02:15.39 spid7s SQL Server Audit has started the audits. This is an informational message. No user action is required.
2019-06-14 11:02:15.42 spid7s SQL Trace ID 1 was started by login "sa".
2019-06-14 11:02:15.42 spid7s Server name is 'TESTBOX\SQL12_TEST1'. This is an informational message only. No user action is required.
2019-06-14 11:02:15.45 Server CLR version v4.0.30319 loaded.
2019-06-14 11:02:15.49 Server Common language runtime (CLR) functionality initialized using CLR version v4.0.30319 from C:\Windows\Microsoft.NET\Framework64\v4.0.30319\.
2019-06-14 11:02:15.51 spid13s A self-generated certificate was successfully loaded for encryption.
2019-06-14 11:02:15.51 spid13s Server is listening on [ 'any' <ipv6> 1433].
2019-06-14 11:02:15.51 spid13s Server is listening on [ 'any' <ipv4> 1433].
2019-06-14 11:02:15.51 spid13s Server local connection provider is ready to accept connection on [ \\.\pipe\SQLLocal\SQL12_TEST1 ].
2019-06-14 11:02:15.51 spid13s Server local connection provider is ready to accept connection on [ \\.\pipe\MSSQL$SQL12_TEST1\sql\query ].
2019-06-14 11:02:15.51 Server Server is listening on [ ::1 <ipv6> 53312].
2019-06-14 11:02:15.51 Server Server is listening on [ 127.0.0.1 <ipv4> 53312].
2019-06-14 11:02:15.51 Server Dedicated admin connection support was established for listening locally on port 53312.
2019-06-14 11:02:15.52 spid13s SQL Server is now ready for client connections. This is an informational message; no user action is required.
2019-06-14 11:02:15.52 Server SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required.
2019-06-14 11:02:15.52 Server The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/TestBox:SQL12_TEST1 ] for the SQL Server service. Windows return code: 0xffffffff, state: 63. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
2019-06-14 11:02:15.52 Server The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/TestBox:1433 ] for the SQL Server service. Windows return code: 0xffffffff, state: 63. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
2019-06-14 11:02:15.58 spid14s A new instance of the full-text filter daemon host process has been successfully started.
2019-06-14 11:02:15.60 spid17s Starting up database 'msdb'.
2019-06-14 11:02:15.60 spid9s Starting up database 'mssqlsystemresource'.
2019-06-14 11:02:15.60 spid18s Starting up database 'AdventureWorks'.
2019-06-14 11:02:15.60 spid19s Starting up database 'TSQL2012'.
2019-06-14 11:02:15.61 spid9s The resource database build version is 11.00.2100. This is an informational message only. No user action is required.
2019-06-14 11:02:15.63 spid9s Starting up database 'model'.
2019-06-14 11:02:15.64 spid9s Clearing tempdb database.
2019-06-14 11:02:15.66 spid9s Starting up database 'tempdb'.
2019-06-14 11:02:15.69 spid20s The Service Broker endpoint is in disabled or stopped state.
2019-06-14 11:02:15.69 spid20s The Database Mirroring endpoint is in disabled or stopped state.
2019-06-14 11:02:15.69 spid20s Service Broker manager has started.
2019-06-14 11:02:15.72 spid7s Recovery is complete. This is an informational message only. No user action is required.
2019-06-14 11:02:18.01 spid27s AppDomain 2 (master.sys[runtime].1) created.
2019-06-14 11:03:50.44 Logon Error: 17806, Severity: 20, State: 14.
2019-06-14 11:03:50.44 Logon SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: 192.168.86.1]
2019-06-14 11:03:50.44 Logon Error: 18452, Severity: 14, State: 1.
2019-06-14 11:03:50.44 Logon Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: 192.168.86.1]
2019-06-14 11:05:01.85 Logon Error: 17806, Severity: 20, State: 14.
2019-06-14 11:05:01.85 Logon SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: 192.168.86.1]
2019-06-14 11:05:01.85 Logon Error: 18452, Severity: 14, State: 1.
2019-06-14 11:05:01.85 Logon Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: 192.168.86.1]
Seems like the bold and italics above in the log is where I need to be focusing.
I found a possible workaround :
Navigate to: HKLM\System\CurrentControlSet\Control\LSA
Add a DWORD value called “DisableLoopbackCheck”
Set this value to 1
But doing this does not help.
I just don't understand the authentication and login process well enough. How do I get Windows Authentication to work properly?
Also, I am trying to find some docs or videos that clearly explain how to setup authentication but I haven''t found anything clear. Does anyone know any good links ?
Thank you
Jason
Microsoft Certified Professional: MCSE Data Management and Analytics
-
your issue is that you don't have a domain - as such you need to do a few extra steps to enable Windows authentication
main thing as per the post is that the user MUST be created on both machines with exactly the same name and password.
and then obviously be added to the SQL instance (and ensure that firewall, tcp/ip and bits are enabled)
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply