locked
Are there any problems with a "required Extended Protection" / "Always On" / "Livelink Server" combination? RRS feed

  • Question

  • Hello,

    we have a Livelink  Server database running with two replicas on two nodes as Always On Group, both instances running extended protection in "allowed" mode.

    Our company security policy demands setting the extended protection to "required".

    Are there any known problems with a "required Extended Protection" / "Always On" / "Livelink Server" combination?

    Environment:
    OS: Windows Server 2008 R2 Enterprise X64 SP1
    DB: SQL Server 2012 (11.0.5556.0)

    Thx & BR

    Achim

     


    Friday, April 17, 2015 2:52 PM

Answers

  • Hi Achim,

    According to my knowledge, there are no known problems with a "required Extended Protection" / "Always On" / "Livelink Server" combination.

    Extended Protection helps to prevent an authentication relay attack by using service binding and channel binding. We need to note that when Extended Protection is set to Required, only connections from protected applications on protected operating systems are accepted. This setting is the most secure but connections from operating systems or applications that do not support Extended Protection will not be able to connect to SQL Server. For more details, please review the following article.

    Connect to the Database Engine Using Extended Protection
    https://msdn.microsoft.com/en-us/library/ff487261(v=sql.110).aspx


    Thanks,
    Lydia Zhang

    If you have any feedback on our support, please click here.


    Lydia Zhang
    TechNet Community Support



    Monday, April 20, 2015 5:45 AM