Post reply

LInked server login failure

  • May 11, 2007 at 11:17 am

    #176352

    I am trying to create a linked server and it is failing with Error 18452 login failed for user (null).

     

    My settings are:

    Linked Server Parameters:

    Server type: SQL SERVER

    Security: BE MADE USING THE LOGIN’S CURRENT SECURITY CONTEXT

    I am using my own account which has SA rights on all instances.

    Some other facts:

    - SQL 2000 SP4 HF 2187

    - Mixed mode authentication

    I am using my domain account.

    - Both instances are on clustered servers but different clustered servers

    - The "client" instance is in a different domain from the host instance but there is a trust set up

    - I can create a linked server from either instance to another instance on the same cluster (both clusters have multiple instances)

    Any suggestions would be greatly appreciated...

    JC III

  • May 14, 2007 at 2:47 am

    #706141

    ---login failed for user (null).

     

    I would use a explicit SQL account for the primary purpose of the linked servers with minimalistic rights applied for best practise.

     

    Map the local Linkserver SQL account to the remote SQL account, specifiying the default catalog, RPC enabled provided you want to call procedures and manually specify the SQL credentials.

    I hope this helps?

  • May 14, 2007 at 5:20 am

    #706174

    Thanks for the advice but I would like to solve the problem at hand. I have other servers configured with links the same way that work fine.

     

    An additional note: I remoted into the server hosting the instance I am configuring the linked server for and the same configuration works fine. I am logged in with my account from my computer running Enterprise manager and it does work, if I log into the server with the same account and run EM it works?

     

    Thanks...>JC III

     

  • May 15, 2007 at 1:13 am

    #706417

    When you connect linked server from your workstation it will use Double Hop method. Hence you need to check the below steps.

    1. Check the SPN registered correctly for both the servers

    2. The service account under which the SQL instance is running must be “trusted for delegation”, configured in Active Directory. If the service is running as “NT AUTHORITY\SYSTEM” or “NT AUTHORITY\NETWORK SERVICE”, the computer must be “trusted for delegation”.

     3. The user’s domain account must NOT select “Account is sensitive and cannot be delegated” in its Active Directory properties of domain.

    Regards.. Raj

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply