I am trying to create linked server on a SQL 2008 server to sql server on another domain. I tried following the advice given in this article: http://msdn.microsoft.com/en-us/library/ee191523%28v=sql.100%29.aspx about setting up Kerberos delegation but it does not seem to work when the server I am wanting to link to is on another domain.
Asked
Active
Viewed 3,749 times
0
-
what do you mean by "linked"? Are you trying to do mirroring, log shipping, etc? – Bret Fisher Mar 09 '11 at 23:57
-
@Bret - I assume just a straight forward "linked server" so you can do joins and subqueries from remote servers – Mark Henderson Mar 10 '11 at 01:52
-
I am trying to create a Linked Server to another SQL Server so I can reference this other server in queries. – Paul Mar 10 '11 at 06:10
2 Answers
1
Something that Microsoft does not always communicate clearly is that when using constrained delegation, both servers must be in the same AD domain. Service accounts must also be in the same domain. (Users access resources hosted by these servers can be in any trusted domain).
However, you should be able to use unconstrained delegation. (Trust this xxx to use any service). This may not be appropriate for security, but it could be a useful test.
Here is another link that has information about the same domain requirement:
http://blogs.technet.com/b/askds/archive/2008/11/25/fun-with-the-kerberos-delegation-web-site.aspx
Greg Askew
- 35,880
- 5
- 54
- 82
1
What I ended up doing was creating a SQL server login on the SQL server on the other domain. Then I created the linked server using that login as the Remote Login under the "Be made using this security context" option under the security section.
Paul
- 133
- 1
- 8