We help IT Professionals succeed at work.

SQL Server 2005 access through HTTP Endpoint

Mc2102
Mc2102 asked
on
Hello,

We are running a SQL Server 2005 Cluster on Windows Server 2003. Today I had to setup a linked server to a provider database server (proberbly something diffrent then SQL Server) and there was no VPN tunnel or anything similar necassary. I assume that the connection is being established through HTTPS and the remote DB server is being queried via XML.

It would be awesome if I could get that to run for us as well. So I did some reading on it and it almost sounds like this could be established with a HTTP Endpoint on the SQL cluster end and then cluster could be accessed by a remote SQL server through a linked server.

Is my assumption correct? If so does someone has some good documentation on how to set something like this up?

Any advice is very welcome.

Thank you
Mc2102
Comment
Watch Question

Author

Commented:
I just read tha you can expose stored procedures or user-defined functions as the endpoints for the mapping but you can't expose tables or views directly. Hmm but this is exactly what I am looking for.

How can I get this done?

Commented:
where is your database (where to linked server you paln to setup)? on the same network\domain or not? if different domain: is it trusted domain?

Author

Commented:
The database would sit on the SQL cluster which is part of our AD domain and the linked server would sit on a customer machine outside of our network and AD domain.

Commented:
you  must communicate with your Network Admins:
what you are asking is security related question...
if your network admin let the outsider server\PC access your sql server:
make sure that Microsoft Distributed Transaction Coordinator (MSDTC) set
and use sql server login
-----------------
 

Author

Commented:
EugeneZ:

I think we are missunderstanding each other. First of all I am the network administrator and second we have access for our customers from the outside world through VPN tunnels. I am looking for an easier alternative.

I would be able to provide secure encrypted access to the database cluster from the outside world without the need of a VPN tunnel. My idea was to use a HTTP endpoint and use HTTPS but looks like you can only the users access to functions and stored procedures through a endpoint. That does not really help me because our customers need to be able to run direct SQL queries.
Commented:
are you talking about DMZ?-- it is not realy HTTPS is not for linked server
VPN is secured way
you can give the client gotomyPC  access with AD login in application mode server setup...
 
about DMZ with Sql server
Secure Architecture for an SQL / Web Server
http://www.windowsecurity.com/articles/Secure_Architecture_SQL_Web_Server.html 
Commented:
or if you open port for specific IP with sql server tool the client can add linked server with sql server login  (not windows) by regestring your sql server with IP address instead of name ( not the same domain)
As already suggested (I think) just open the SQL Server port to the outside world and you'' be able to connect.
This is analogous to a HTTP endpoint except that its not using HTTP (or port 80) its using SQL packets and whatever port the SQL Server is running on.