Domain account from SQL box needs to access file share on DMZ server RRS feed

  • Question

  • We have a web server set up on the DMZ that talks to a SQL 2005 server on the company domain.

    The issue is, we are trying to install this CMS engine that requires a domain account from the SQL server to access a share on the web server that is in the DMZ. 

    Is there a way to trust a domain account to have access to a share on the DMZ server?  I have heard of "read only" and one way trusts.  Is that secure and if so how would we go about setting that up?

    Basically I want to avoid at all costs of putting the SQL Server on the DMZ server but need a seamless way to access a file share from the trusted SQL Server.

    • Edited by SP-Achiever Wednesday, November 24, 2010 5:41 PM
    Monday, November 22, 2010 5:50 PM

All replies

  • Trust is established at the Windows level; SQL Server is just a passenger here. The Windows admin has to provide/establish the domain trust relationship for the SQL Server domain account to be trusted across the domain boundary.


    No great genius has ever existed without some touch of madness. - Aristotle
    • Proposed as answer by Tom Li - MSFT Wednesday, November 24, 2010 7:28 AM
    • Marked as answer by Tom Li - MSFT Wednesday, December 1, 2010 9:04 AM
    • Unmarked as answer by SP-Achiever Thursday, December 2, 2010 4:40 PM
    Tuesday, November 23, 2010 7:09 PM
  • Yes, so is there a way to trust a domain account to have access on a file share on a server that is not part of the domain (in the DMZ)?
    Wednesday, November 24, 2010 5:43 PM