locked
Mirroring - Log shipping Cross different domains RRS feed

  • Question

  • Hi All,

    SQL Server 2012 SP2 - WIndows 2008 R2.

    We are currently doing Mirroring from one domain to another (On a different subnet/network) via

    Network1

    DomainABC\SQLAccount1 - Password1 -----> SQL Server Service Account

    DomainABC\SQLAccount2 - Password2 -----> SQL Server Agent Service Account


    Network2

    DomainABC\SQLAccount1 - Password1 -----> SQL Server Service Account

    DomainABC\SQLAccount2 - Password2 -----> SQL Server Agent Service Account


    and it works. We are planning to do the Log shipping but this time different Domain but same userID and Password


    Network1

    DomainABC\SQLAccount1 - Password1 -----> SQL Server Service Account

    DomainABC\SQLAccount2 - Password2 -----> SQL Server Agent Service Account

    Network2

    DomainDEF\SQLAccount1 - Password1 -----> SQL Server Service Account

    DomainDEF\SQLAccount2 - Password2 -----> SQL Server Agent Service Account


    Is this possible without TRUST between the domains ?. Is there a workaround ?. Any articles, Microsoft site you can point me to ?. Thanks for any help.








    • Edited by DCarlos Tuesday, October 27, 2015 8:17 PM
    Tuesday, October 27, 2015 7:56 PM

Answers

  • Hi Carlos,

    Sorry with mirroring there is no work around. Different domains to exchange communication a trust is required. with out a trust you can not establish connection.

    Your best option is Logshipping. you do not require any trust between the networks. ship the transaction log backups to a shared location and restore to your secondary server.

    Bye

    kumar

    • Marked as answer by DCarlos Saturday, October 31, 2015 10:54 PM
    Tuesday, October 27, 2015 11:49 PM

All replies

  • Hi Carlos,

    Sorry with mirroring there is no work around. Different domains to exchange communication a trust is required. with out a trust you can not establish connection.

    Your best option is Logshipping. you do not require any trust between the networks. ship the transaction log backups to a shared location and restore to your secondary server.

    Bye

    kumar

    • Marked as answer by DCarlos Saturday, October 31, 2015 10:54 PM
    Tuesday, October 27, 2015 11:49 PM
  • Hi DCarlos,

    When your servers are on different domains with no trust relationships, you can set up database mirroring using certificates. For more details, please review this article: https://technet.microsoft.com/en-us/library/ms191140(v=sql.110).aspx .

    For log shipping, as your post, you can firstly create service accounts in your Active Directory of the two domains, which have same name and same password, then use the accounts to run SQL Server Agent Service on primary server and secondary server. Also ensure that that SQL Server Agent service account has permission on log shipping relevant folders as described in this blog:  SQL Server Log Shipping to a Different Domain or Workgroup.

    There is also a similar blog about considerations for configuring cross-domain Log Shipping for your reference.

    http://www.sqlserverfaq.net/2012/04/25/considerations-for-configuring-log-shipping-for-a-cross-domain-clustered-instance-of-sql-server-over-a-firewall/

    Thanks,
    Lydia Zhang

    If you have any feedback on our support, please click here.


    Lydia Zhang
    TechNet Community Support




    Wednesday, October 28, 2015 2:35 AM
  • What share location ?. Shared location has to be in one of the domains (Either the source or the destination). If you can assign permissions from one domain, you can not assign it from another domain (Domain User) unless there is trust.

    Also, I was not talking about certificates but yes, that is one way to do it.

    Saturday, October 31, 2015 10:57 PM