locked
How to created linked server between two different domains? RRS feed

  • Question

  • Can anyone help on this,

    I have two sql servers 2008, Server A is located on Domain A, and the Server B is located on Domain B.
    I want to create a Linked server in Server A refer to the Server B.  I got Windows Authentication accounts for both server A and Server B.

    I can not direct connect the Server B using SSMS in Server A. 
    I am able to access the Server B by  running the command: RUNAS /user:DomainB\user /netonly "..\..\Ssms.exe"

    Any suggestions are appreciated.

    Thanks
    Thursday, March 18, 2010 11:21 AM

Answers

  • For Windows login authentication, using the linked server as self,  a couple of things to be sure of is that a Trust has been established between domains and that delegation is enabled across all affected computers.
    http://msdn.microsoft.com/en-us/library/ms943015(CS.70).aspx

    If there is no trust between the domains, you may still be able to define a linked server by using its IP address instead of its domain name.

    It should also be possible to log in to the DomainA server as a SQL Server login and define a mapping to a SQL Server login on the DomainB server, providing the password in the linked server security definition.  You can see the code for that type of definition below.

    EXEC master.dbo.sp_addlinkedsrvlogin @rmtsrvname = N'TheOtherDomainServer', @locallogin = N'AConnection', @useself = N'False', @rmtuser = N'BConnection', @rmtpassword = N'@Gj89eR(*OK'

    RLF
    Thursday, March 18, 2010 8:55 PM
  • The second option explained by Russell is the one that we use between our SQL server and host company's SQL server and that works without any problem. Make sure your second domain has firewall open for the IP address of the SQL server in the first domain.
    Thanks, Leks
    Thursday, March 18, 2010 9:07 PM

All replies

  • For Windows login authentication, using the linked server as self,  a couple of things to be sure of is that a Trust has been established between domains and that delegation is enabled across all affected computers.
    http://msdn.microsoft.com/en-us/library/ms943015(CS.70).aspx

    If there is no trust between the domains, you may still be able to define a linked server by using its IP address instead of its domain name.

    It should also be possible to log in to the DomainA server as a SQL Server login and define a mapping to a SQL Server login on the DomainB server, providing the password in the linked server security definition.  You can see the code for that type of definition below.

    EXEC master.dbo.sp_addlinkedsrvlogin @rmtsrvname = N'TheOtherDomainServer', @locallogin = N'AConnection', @useself = N'False', @rmtuser = N'BConnection', @rmtpassword = N'@Gj89eR(*OK'

    RLF
    Thursday, March 18, 2010 8:55 PM
  • The second option explained by Russell is the one that we use between our SQL server and host company's SQL server and that works without any problem. Make sure your second domain has firewall open for the IP address of the SQL server in the first domain.
    Thanks, Leks
    Thursday, March 18, 2010 9:07 PM
  • Thanks for your input, It is verfy helpful. The option2 works. I applied the SQL Server Authentication account.

    Mingzhuang

    Friday, March 26, 2010 2:02 AM
  • pardon my ignorance as i am a new user to SQL,

    i have the same scenario and i tried creating linked servers using IPs. it says connection stablished but i cannot se any database which is on other server.

    i can only see system CAtalogs which consist of system DBs and a report server and ReportSErverTEmpDB databses.

    am i doing something wrong? help will be apprecaited.


    Qais
    Tuesday, June 22, 2010 11:35 AM
  • This means that the linked server security context (either a Windows login as a trusted connection or a SQL Server login) you use to connect to the remote server has limited rights on that server.

    The best action is to have the DBA or other administrator grant your login the necessary rights on the remote server.  Once the correct rights have been granted, you should be able to see the other databases that you need to use.

    The main thing is to be sure that you know what login is connecting through the linked server.  Using SQL Server Management Studio, you can open the properties of the linked server and click on the Security tab to see how it was set up.  The path in Object Explorer is:

    ServerName / Server Objects / Linked Servers / linkedservername

    RLF

     

    Tuesday, June 22, 2010 12:24 PM