开发者

Using Kerberos authentication for SQL Server 2008

I am trying to configure my SQL Server to use Kerberos authentication.

My setup is like this - My setup is like this- I have 2 virtual PCs in a Windows XP Pro SP3 host. Both VPCs are Windows Server 2003 R2. One VPC acts as the DC, DNS Server, DHCP server, has Active Directory installed and the SQL Server default instance is also running on this VPC. The second VPC is the domain member and it acts as the SQL Server client machine.

I configured the SPN on the SQL Server service account to get the Kerberos working.

On the client VPC it seems like it is using Kerberos authentication (as desired)-

C:\Documents and Settings\administrator.SHAREPOINTSVC>sqlcmd -S vm-winsrvr2003
1> select auth_scheme from sys.dm_exec_connections where session_id=@@s开发者_高级运维pid
2> go
auth_scheme
----------------------------------------
KERBEROS

(1 rows affected)
1>

but on the server computer (where the SQL Server instance is actually running) it looks like it is still using NTLM authentication- . This is not a remote instance, the sql server is local to this machine.

C:\Documents and Settings\Administrator>sqlcmd
1> select auth_scheme from sys.dm_exec_connections where session_id=@@spid
2> go
auth_scheme
----------------------------------------
NTLM

(1 rows affected)
1>

What can i do so that it uses Kerberos on the server computer as well ? (or is this something that I should not expect)


I don't think Kerberos is used locally, on a service on the same machine NTLM is used. On any other machine on the same Realm (Domain) Kerberos will be used, except on the same machine of the service.

I think that if you do a program that connects with SQL and on the connection string you use Integrated Security=SSPI you might be able to onnect using kerberos (maybe), however I repeat that I don't think Kerberos is used locally.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜