August 14, 2006 at 6:35 am
Good day!
I have a engineer that has requested the following:
I can get Link Server authentication to work if I use an SQL account, but I can't get it to work using a domain account.
Here's the scenario:
End user accesses one of the web applications via the website.
For all web app users, IIS authenticates on behalf of the end user using the Domain account Domain\user. Thus all processes that access the DB are coming in as domain\user (connection string is data source=(local);initial catalog=<db>;Integrated Security=SSPI). But if a query running needs to access a table in DB, we want to set up a linked server that re-uses the same login context.
Basically, (because I had to take out all ref's to DB names, the above may not make total sense...) I need to create linked servers using AD security. The DB's could be on the same domain, they could be on a different domain. If I use a SQL authenticated account (IE sa, [I know, bad idea, but it was for testing...it worked on others as well]), this will work fine. The error we get is
Msg 7416, Level 16, State 1, Line 1
Access to the remote server is denied because no login-mapping exists.
Googling the erro came up empty thus far. I am really hoping someone has something for me to look at here...
Any questions, please ask, I will answer quickly.
Cory
-- Cory
August 15, 2006 at 8:06 am
Can you create a new database and then create views to the linked server tables and grant access to the views to the AD accounts?
August 30, 2006 at 9:13 am
I have tried nearly every server I have, with likely every various option - scoured the internet for anything, and I have come up empty.
Any other ideas?? Anyone?!
-- Cory
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply