We help IT Professionals succeed at work.

Check out this week's podcast, "Dairy Farms to Databases: Community's Hand in Technology"Listen Now

x

Trusted connection for users in another domain

pvs001d
pvs001d asked
on
318 Views
Last Modified: 2008-02-26
I have users from domain A and B using Access application to access SQL server tables in domain B. What should I do to anable  user from domain A to connect to SQL Server in domain A over the trusted connction
Comment
Watch Question

Author

Commented:
Adjusted points to 150
vvk

Commented:
You need to install trust relationship between domains.

Author

Commented:
I have trust relationship enabled and still i can't see users from another domain in SQL security manager. (By trusted connection I mean option in ODBC datasource setup)
vvk

Commented:
For appending to SQL security you need to put users in local group for your domain.

Commented:
users must have Administrator privilege on the target domain.

vvk

Commented:
Trusting as i means, don't have any relations to ODBC. This trust relationship must be configured for NT domains in User Manager. You need at least one-way trusting where domaid with SQL server is trusting domain in A domain and A domain must be trusted in B. After this you must add users form domain A to local groups in domain B and finally add this groups in SQL security manager

Author

Commented:
Wk, as far as I understand, there is no way to see users from other domain in SQL security manager? The choice is to add them to SQL server domain in order to see in SQL Security Manager?

Author

Commented:
Comment to perezjos: It is too bad to be true.
vvk

Commented:
yes. You need to have users in groups of local domain.

Author

Commented:
What if I manualy add SQL logins through SQL Enterprise Manager? Should I do something else
E.g. Domain1 has SQL server
Domain2 has user user1
Domains trust each other
When I add login name Domain2_user1 through SQL EM and try to connect from that domain, I receive the following message:
Lgin failed:....
Not defined as a valid user of a trusted SQL Server connection.

 


Commented:
The statement about the trust relationship needs to be addressed in the NT domain is correct.  The SQL server resides INSIDE an NT server.  Therefore the NT server needs to be told who can be trusted and who can talk to it before it even trys to let someone into SQL.

Commented:
Hi,
This is just a suggestions but... don't use trusted connections... use standard security... life is much simpler.

(Hope this helped.)
Jim

Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
What do you mena by 'register SQL server'

Commented:
Listen, pvs001d....

1) Define a trust relationship whereby the domain containing the SQL Server "trusts" the domain which contains the users (and vica-versa "is trusted by"...) This will allow you to "see" the accounts in Domain A in your User Manager.

2) Create a local group on the SQL Server in question. This will be the receptacle of the trusted domain accounts you need to provide access for.

3) Using SQL Server Security Manager, give the newly-created local group rights to the database(s) you wish them to access. Be sure to automatically create SQl Logins for them using the check box!!!

4) In SQL Enterprise Manager, set the permissions on the object(s) so that the user(s) in question can Select, Update, etc... as necessary.

5) These users will now be able to use SQL Server tables through any means (ODBC, DB-LIB, etc...)

All of the answers above were right in part, just not complete enough.

P.S. If you are using Access to connect, be sure to refresh your ODBC connections on the Access tables using the Connection Manager Add-In


Author

Commented:
Thanks perezjos,that's the answer I'v been looking for.

Author

Commented:
Sorry perezjos, I should have rejceted Ezhill answer. I'll post the points with  a 'question having 'for perezjos' subject. Answer it to get the points you deserved.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.