We are having a problem getting the security to properly authenticate
cross-server logins where the user is logged in using windows
authentication. We are currently running SQL Server on a W2K3 cluster in a
W2K3 domain. There are actually four servers, two physical, the cluster
virtual server, and the SQL virtual server. We'll call them SQL1P
(primary), SQL1F (failover), SQL (cluster virtual server), and SQLV(SQL
virtual server). All servers have been set up for delegation in AD for
kerberos, and the sql service account has all of the proper permissions.
The problem now is that cross server communication with the other SQL
servers (not in the cluster) will work using standard SQL accounts, but not
using windows authentication. Has anyone else had this problem and if so
how did you resolve it? Thanks in advance for your answers.
What error are you getting when you try to connect?
Rand
This posting is provided "as is" with no warranties and confers no rights.
|||This is the query that is being run:
select * from odewhsevprod.master.dbo.sysdatabases
Here is the error we are receiving:
Server: Msg 18452, Level 14, State 1, Line 1 Login failed for user '(null)'.
Reason: Not associated with a trusted SQL Server connection.
"Rand Boyd [MSFT]" <rboyd@.onlinemicrosoft.com> wrote in message
news:4H#0BElTEHA.3328@.cpmsftngxa10.phx.gbl...
> What error are you getting when you try to connect?
> Rand
> This posting is provided "as is" with no warranties and confers no rights.
>
|||We fixed the issue. We basically went in and reset the SPN's on the server
names and the sqlservice account as well as the mscs account, and now it
works fine.
"-DB" <server.team@.ode.state.or.us> wrote in message
news:eMYaAFjTEHA.2944@.tk2msftngp13.phx.gbl...
> We are having a problem getting the security to properly authenticate
> cross-server logins where the user is logged in using windows
> authentication. We are currently running SQL Server on a W2K3 cluster in
a
> W2K3 domain. There are actually four servers, two physical, the cluster
> virtual server, and the SQL virtual server. We'll call them SQL1P
> (primary), SQL1F (failover), SQL (cluster virtual server), and SQLV(SQL
> virtual server). All servers have been set up for delegation in AD for
> kerberos, and the sql service account has all of the proper permissions.
> The problem now is that cross server communication with the other SQL
> servers (not in the cluster) will work using standard SQL accounts, but
not
> using windows authentication. Has anyone else had this problem and if so
> how did you resolve it? Thanks in advance for your answers.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment