Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do you create a Linked Server using Trusted Connection

Posted on 2006-07-06
27
Medium Priority
?
3,716 Views
Last Modified: 2007-12-19
How do you create a Linked Server using Trusted Connection?  Is it something like:

sp_addlinkedserver @server = 'servername'
    , @srvproduct = 'SQL Server'  
    , @provider = 'SQLOLEDB'
    --[ , [ @datasrc = ] 'data_source' ]
    --[ , [ @location = ] 'location' ]
    , @provstr = 'Trusted_Connection=yes;Integrated Security=SSPI;Data Source=servername;Initial Catalog=master'

0
Comment
Question by:bergstpg
  • 13
  • 10
  • 3
  • +1
27 Comments
 
LVL 75

Expert Comment

by:Aneesh Retnakaran
ID: 17051300

EXEC    sp_addlinkedserver    @server='servername', @srvproduct='SQL Server',
                                @provider='SQLOLEDB'


Now the trusted connection comes into picture, when you create the login

This example creates a mapping to ensure that only the Windows NT user  Domain\Mary connects through to the linked server Accounts using the login MaryP and password NewPassword.

EXEC sp_addlinkedsrvlogin 'Accounts', 'false', 'Domain\Mary', 'MaryP', 'NewPassword'
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17051545
Unfortunately I get the following error message using your syntax for sp_addlinkedserver - I changed the servername to my servername:

Server: Msg 15428, Level 16, State 1, Procedure sp_addlinkedserver, Line 67
You cannot specify a provider or any properties for product 'SQL Server'.

To be more clear, I don't want to create a SQL Server login - just use Windows Authentication.
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17051578
What I would really like is to use the OPENROWSET instead of a linked server to connect to a remote server, but all the references I have found on this have said it isn't possible.  It seemed like it might have been in the past:

http://support.microsoft.com/default.aspx?scid=kb;en-us;256052&sd=tech
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Expert Comment

by:Einstine98
ID: 17053930
is this SQL 2000 or 2005?

generally you can do

EXEC sp_addlinkedsrvlogin 'ServerName', 'true'

This will use the connected user login to login to the remote server
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17058821
SQL Server 2000

I created a linked server using the following syntax:

EXEC sp_addlinkedserver 'servername','sql server'
EXEC sp_addlinkedsrvlogin 'servername', 'true'

I got the error Login not associated with a trusted connection when I tried to view the tables within EM.  I have sa access to this server.

I then tried the following sytax:

EXEC sp_addlinkedserver 'servername','','sqloledb'
EXEC sp_addlinkedsrvlogin 'servername', 'true'

This showed me tables, but they where the tables in the master database of the local server.

Finally I tried the following sytax:

EXEC sp_addlinkedserver 'servername','','sqloledb','dbname'
EXEC sp_addlinkedsrvlogin 'servername', 'true'

This time when I accessed the tables I got the error Error 6: specified sql server not found.  Both the client and server are using tcpip only in the client and server config utilites.

I am still looking for a solution.  Thx.
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17058825
New points
0
 
LVL 12

Expert Comment

by:Einstine98
ID: 17061475
use the one where you could see the data in Master database... then fire this query

SELECT * FROM <Servername>.<DatabaseName>.<userName>.<tableName>

and that should work
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17073115
Sorry, still doesn't work

Tried this:

SELECT top 100 * FROM dsm02415.express.dbo.computer

Got this:

Server: Msg 7314, Level 16, State 1, Line 1
OLE DB provider 'dsm02415' does not contain table '"express"."dbo"."computer"'.  The table either does not exist or the current user does not have permissions on that table.
OLE DB error trace [Non-interface error:  OLE DB provider does not contain the table: ProviderName='dsm02415', TableName='"express"."dbo"."computer"'].

I tripled checked the table's existance and I have SA.  Any other ideas?
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17075516
add login that you plan to use on both sql servers (make sure they have all needed rights)

then create linked server:


--servername must be your destination sql server name:

USE [master]
GO
EXEC master.dbo.sp_addlinkedserver @server = N'servername', @srvproduct=N'SQL Server'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'collation compatible', @optvalue=N'false'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'data access', @optvalue=N'true'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'rpc', @optvalue=N'true'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'rpc out', @optvalue=N'true'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'connect timeout', @optvalue=N'0'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'collation name', @optvalue=null
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'query timeout', @optvalue=N'0'
GO
EXEC master.dbo.sp_serveroption @server=N'servername', @optname=N'use remote collation', @optvalue=N'true'
GO
USE [master]
GO
EXEC master.dbo.sp_addlinkedsrvlogin @rmtsrvname = N'servername', @locallogin = NULL , @useself = N'True'
GO
0
 
LVL 12

Expert Comment

by:Einstine98
ID: 17076034
Double check that SA has a user mapped (dbo or others) in the database you are trying to access (Express)

This problem can ONLY happen if you do not have rights or the object does not exist, since the object exists, the user does not have rights.. have seen it over a million time.
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17080336
clarification:
--add login
 NT login - such as  yourdomain\yourusername
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17081521
EugeneZ

I ran your script - adjusted to my environment - and specifically added my domain login to both servers - sa on connected server, dbo in db of destination server - and I get the following error:

Server: Msg 18452, Level 14, State 1, Line 1
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.

I am beginning to think this isn't possible.  Has anybody been able to do this?  I have tried about every possible solution without success.
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17081600
Einstine98

I tried connecting to another db that the mapped dbo was sa - still no luck - same errors as seen above.
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17082639
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17083921
it is possible.
Can you see your NT login (domain\yourlogin) among sql server logins on both servers?
And you connected to sql server in EM with windows authotication?
and you open QA with windows authotication?
And you run
select * from yourlinkedserver.master.dbo.sysobjects?
And get error?
----
What OS do you have where the sql server installed:
if it is windows 2003:

check MS DTC settings:
http://support.microsoft.com/default.aspx?scid=kb;en-us;329332
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17084104
Not sp4 and its fixes, but sp3a and its fixes.  8.00.818

I don't have access to modify Active Directory, nor do I want that responsibility.  If this is the problem, I am abandoning this question.
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17084159
sp3a and its fixes.  8.00.818 - is good:
what is Windows OS do you have on the servers?
--
It is not Active Directory issue
--
When you open logins in Sql server Enterprice Manager for the 2 sql servers -
can you see your NT login ?


0
 
LVL 1

Author Comment

by:bergstpg
ID: 17084252
MS DTC is setup correctly on both servers.

No, because I am part of a domain group.

Earlier I tried adding my login manually to both servers - as seen above - without success.  
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17084297
Windows 2003 - with and without SP1
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17085592
<Earlier I tried adding my login manually to both servers - as seen above - without success.
?
Can you access the QA of the sql server, As let say, 'sa':
and run (it will add your NT login to sql server if it is not there and add ro 'sa' role)?

exec sp_grantlogin N'yourdomain\yourlogin'
exec sp_defaultdb N'yourdomain\yourlogin', N'master'
exec sp_addsrvrolemember N'yourdomain\yourlogin', sysadmin

--please post a result
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17090363
Yeah - I have SA access, thus I can use NT Authentication to connect the SQL Server using QA.  Our group of 11 support 6000 dbs on 300 servers using Windows NT Authentication.  I would expect us to have other problems with Windows NT Authentication than this one.  Again, I am not a believer at this point.
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17094658
did you or did not run (let say on 2 test servers):
exec sp_grantlogin N'yourdomain\yourlogin'
exec sp_defaultdb N'yourdomain\yourlogin', N'master'
exec sp_addsrvrolemember N'yourdomain\yourlogin', sysadmin

--
and what an error message (if there is any) did you get after connecting each other through linked server connection (created as per posts above)  ...?
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17094761
plan B (no linked server for sql server 2000 with SP3 and up):

select * from OPENDATASOURCE('SQLOLEDB','Data Source=yoursqlserver;InitialCatalog=master;Integrated Security=SSPI').master.dbo.sysobjects
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17101439
Result:

Server: Msg 18452, Level 14, State 1, Line 1
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
[OLE/DB provider returned message: Invalid connection string attribute]

Been here done this.  OPENROWSET doesn't work either.
0
 
LVL 43

Expert Comment

by:Eugene Z
ID: 17101872
can you add your NT login to the destination sql server logins?
0
 
LVL 1

Author Comment

by:bergstpg
ID: 17102183
I can, but I have already tested this.  Is dbo ok to test - even though I have effective SA rights?  If I give myself sa it causes alarms to occur that I want to avoid.
0
 
LVL 43

Accepted Solution

by:
Eugene Z earned 2000 total points
ID: 17102398


New resolution for problems that occur when users belong to many groups
http://support.microsoft.com/?id=327825

This is the link to setup Kerberos.
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/tkerbdel.mspx 
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
A Stored Procedure in Microsoft SQL Server is a powerful feature that it can be used to execute the Data Manipulation Language (DML) or Data Definition Language (DDL). Depending on business requirements, a single Stored Procedure can return differe…
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question