Impersonate Windows Authentication outside a domain RRS feed

  • Question

  • I have a .Net Windows desktop application running in a domain that talks queries/writes to a Sql Server db on the same domain via Windows Authentication. This is fine. What I need to know is how do I have the application utilize Windows Authentication to hit the server in the server's domain when the application is running from a different domain (e.g like a laptop from a remote location or one of our service people need to run the app against a users Sql Server on the client's domain from our domain)?

    I read these threads:



    are these the right approach or can someone point me to a link documenting the correct way?

    Tuesday, April 2, 2013 1:34 PM


  • Hi,

    Windows Authentication relies on NTLM or Kerberos to perform the authentication. These security package (SSP) create a token which is used by SQL Server.

    You have to conform to the requirements of one of these 2 protocols to achieve what you want.

    You can try a (unidirectional) trust relation between the 2 domains.



    Thursday, May 9, 2013 5:14 PM