May 12, 2020 at 4:30 pm
I have a db and app server. I created a LS on the DB server and this works.
It uses an AD account and the query references the LS. On the DB server it works, on the app server it works.
BUT when I run it from the app server, from the DB server I get an NT/ANONYMOUS LOGON error.
I'm baffled it's the same ad account and I know it works.
Thanks
Darryl Wilson
darrylw99@hotmail.com
May 12, 2020 at 5:59 pm
Do you have an SPN configured for the database server? The easiest way to check for it and to check the configuration is to use the Kerberos Configuration Manager. You can download it from this link:
Kerberos Configuration Manager
Sue
May 12, 2020 at 6:07 pm
Hi Sue.
I did actually Download the KCM. What am I looking for? Why do I need an SPN configured?
Thanks, Darryl
Darryl Wilson
darrylw99@hotmail.com
May 12, 2020 at 6:17 pm
You need an SPN, the account to be setup for delegation for Kerberos to work. You're looking for an SPN and no duplicates which is what the tool will do. This article explains Kerberos in SQL Server:
SQL SERVER – Why DBAs Need to Know about Kerberos – Notes from the Field #126
This article also explains it and has a walk thru using the Kerberos Configuration Manager:
How to link two SQL Server instances with Kerberos
Sue
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply