1. Two trusted domains(Domain 1 and Domain 2) connected through 128kbps intranet in two different buildings.
2. A Computer(Machine 1) running SQL server 2000 connected with Domain 1.
3. An application which connects to sql server and with its related database on Machine 1.
4. I want to replicate data onto a computer (Machine 2) on Domain 2.so that users of domain 1 and domain 2 can have a synchronize database. And whenever they visit each other in different building they have their data availabe to them.
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master) -A sql server 2005 on a win server 2003 in "sub domain" AD -A linked server to "sub domain" AD -A linked server login using a "sub domain" admin acccount -A view to this linked server -A grant on masterDomain/Domain Users to the database -A grant on subDomain/Domain Users to the database -We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts. Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT * FROM OPENQUERY(ADSI, 'SELECT displayname, givenName, sn, cn (etc...) FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error: Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
We have a local group the consists of users from a trusted domain.. THis is a one way trust, us trusting them.. When I add that local group as a trusted SQL login the users cannot access the database... We have narrowed it down to the security by verifying the user can log in using a test sql account and hit the database.. Any ideas??? IS it possible to map an account to a Local group on the domain or does it have to be a global group????
I am trying to perform an upgrade to 7.0. I have a two-way trusted domain in place. When I try to proceed with through the upgrade wizard I received the following error message:
"unable to connect to the export server.."
Basicly what I have is a SQL 6.5 in DOMAIN A and I created a SQL 7 in DOMAIN B. I want to upgrade the database from DOMAIN A to DOMAIN B. Is it possible to do so or does the SQL 7 needs to be in the same domain as the 6.5?
Thanks for any help. I will take any pointer someone can give me at this point.
One of my users gets the following error when he tries to connect to my SQL Server 2000 database using windows authentication via Query Analyzer:
[Micorsoft][ODBC SQL Server Driver][SQL Server] Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
Me and the server are located in Colorado and are on the NADomain. User is in London on the EURDomain. The EURDomain has a one way trust to the NADomain to use NADomain resources. I have granted access to the database to the user via Enterpise Manager as EURDomainuserid. All the literature I've read says this should be sufficient to connect but isn't. User can connect with SQL Server authentication. Users on the NADomain in Toronto can connect just fine with Windows Authentication. EURDomain user can access other file server resources in the same building as the SQL Server in Colorado.
SQL Server version is:
Microsoft SQL Server 2000 - 8.00.818 (Intel X86) Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
EURDomain Client ODBC version is 2000.85.1022.00 and MDAC is 2.8.
(Cross post from newsgroup) Attempting to implement Windows authentication between trusted domains. . . I have a domain trust set up between two domains connected via persistent vpn:
How can I setup a replication for a database over the firewall over non-trusted NT domains ?
Both the servers at the source and the destination are SQL Server 2000 with SP1 . Currently port 1433 is enabled on the firewall and i am able to connect to the destination server only through sa login and password . My replication works well . But i am concerned about the security aspects . The destination SQL server in on the Internet , and i don't know how far it is safe . How can i use NT authentication in such cases .
Any help will be appreciated in this regard . Thanks .
I have 2 Sql Servers each in different NT domain. There is no NT trust relationship established. On weekly basis I need to send data From 1st Server to a2nd server. What are my options. Can I use replication ?
I built SP's to create the Distributor/Publisher and Subscriber parts of Snapshot Replication. All run fine on 2 SQL2K installs on the SAME Domain.
BUT if I try to cross to another Domain (SQL2K as well) = NO JOY.
Error @ Subscriber doing a PULL: "Cannot connect to Distributor..."
Tried using sa, administrator, NEW Local user, etc. & continue getting the error. ALSO tried changing the Login of SQL & SQL Agent Services to the SAME Login on BOTH machines.
I have two servers that are setup to use their local system account. They are in the same workgroup, but aren't on a domain. Is there a way to setup replication without a domain? If so, how?
I currently have replication (transactional) set up within my domain successfully using 2000 and 2005. I need to start replicating to a hosting center for a web app from my server out on the DMZ. I can use SSIS and SMS to connect, update data, etc. but when I try to replicate out there it gives me the following errors:
1. Tells me it needs a named instance so I give it the hosted server name : ABC123
2. Then I get the following:
TITLE: Connect to Server ------------------------------
Failed to connect to server ABC123. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
I am trying to set up Web Synchronization using Merge Replication. The Distributor and Publisher are on the same machine. Subscriber is a windows mobile application which syncs the data using web synchronization. I have configured IIS on web server for the sync. However there is no domain user on database and web server. Is it possible set up web sync without a domain user? Which user can I then use to give permissions on the snapshot share folder.
I'm trying to set up replication from one SQL server to another.
The publishing server is not a member of a domain and is located in a hosting center (but we have full control over the server). I can set up a Snapshot publication just fine.
The subscribing server is located in another remote location and is a member of a domain. Here I can also set up the subscription without errors.
The errors, I think, comes when the snapshot is about to be created, the error is, on the publisher server:
[298] SQLServer Error: 18456, Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. [SQLSTATE 28000]
And the snapshot is not created.
Is it even possible to set up replication like this. I need to transfer the data from one sql server to another so we have a working "backup" so to speek if the other server does not respond.
Is it possible to configure transnational replication between two different domains also non trusted domains.
It's possible means what i need to take care before configure replication and how to configure transnational replication between two different domains.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
we recently migrated from our in-house domain to the Enterprise domain. Everything went smooth except for the fact that I can no longer accept my dBs using my SA or my domain admin account. There is only 1 account I can get into the management studio with but it has no admin privileges, so I can't make any password changes or add accounts. I don't have a test environment so kind of hesitant to experiment with our production system.
I'm trying to run a test from my test environment which is a non-domain Windows 2000 server to access my domain 2003 with SQL2005. I have install 2005 tools to try to access the SQL server.
- I have try following the KB265808 - no success. - Reading alot of blogs and it seems all are pointing to the same problem. "Remote access" but the settign is enabled.Error Message:
TITLE: Connect to Server ------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=53&LinkId=20476
Question: Could Windows 2003 security be blocking access? I'm using sa account to access.
Also, sa account does not seems to work for remote access. It is ok when accessing locally.
Hi all,it happen to me a strange problem:i have a mdb file (in Access 2K) with SQL Server 2K linked tables whoruns on a workstation which is on a different domain that the SQLServer. It works.If i create a mdb file from a workstation which is a the domain of theSQL Server and then i run it a my non-domain workstation i have errormessage:Login failed for user '(null)'. Reason: Not associated with a trustedSQL Server connectionBut if i reattached my tables it works.If someone have an idea....PS: same ODBC on both machines
I have a Web application in asp.net 1.1Iam using windows authentication. The application is on IIS on MachineA. When i try to access this from MachineB as http://MachineA/test/test.aspx, it gives me the error "login failed for user 'null' : not associated with a trusted sql connection"Both MachineA and MachineB are on the same domain & iam not using any sql authentication. Could someone suggest me where i might have gone wrong. Web.config has authentication as 'windows', allow users = "*" and Identity impersonation = trueOn IIS, the vitual directory of 'test' application has Directory secuirty set to 'Integrated Security'Please let me know if someone had dealt with similar scenario. Thanks.
Hey all, not sure if this is even possible but is there a way to connection an SQL server with ASP.NET using my username and password as the trusted connection? As I am a trusted connection but the ASP.NET working process isnt. Anything can be done about this apart from addeing the ASP.NET account as a trusted connection?
I was just wondering about the old error:"user not associated with a trusted connection"I know how to solve it, but I dont really understand what im doing. If my connection string is like:Trusted_Connection=true;Initial Catalog=jobitdev;Data Source=192.168.109.4;Packet Size=4096;then how validation is done on the sql server side of things? If i specify the "Trusted_connection" property what does the server do to validate the user? I'm assuming that the user it checks is the current windows user?
I have just installed MSSQL 2000 on Windows 2000. what I am finding is that I cannot open an isql (or query analyzer) session using the sql login (i am successful when i use NT authentication). The error message I get is as follows
Msg 18452, Level 14, State 1: Login failed for user 'xxx'. Reason: Not associated with a trusted SQL Server connection. DB-Library: Login incorrect.
MSDN talks about setting the registry entries differently, but that seems to be only for SQL 7.
I'm attempting to set up a dts transfer SQL 7 box to SQL 7 box. These two servers are on two separate NT domains with no trust relationship, and I will be sending the info across a VPN.
Anyone out there have a similar situation? Offer any recommendations, pitfalls, ports used, ways to do this??? I'd appreciate any ANY ideas on how to make this work. Thanks in advance. -Tricia
Can anyone please tell me how to create a trusted connection?. I am from Unix world and NT is still kind of new to me. Let say my SQL server is located in this machine residing in domain X and I want a NT user, ABC, who is in domain Y to have acess to my server. What do I need to do?. Many thanks.
Is there any way to connect to SQL Server from a non trusted domain. Passthrough authentication works for other NT Server resources (like exchange folder, printers, shared folders), but SQL Server 7.0 does not seem to accept this passthrough authentication (where the username and password are the same in both domains). There is no internet access required.
Does anyone know how to create trusted connections?. What I want to do is to have connection to a sql server that's in a different domain as I am (a NT workstation). I tried to create a login id on the server with my nt id but got an error:
