"Multiple IP address in one SQL server" and "authentication problem |
|
Author |
Message |
stephenwigg
|
Posted: Wed Jan 09 07:58:01 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
Hi all.
I really don't known where to post because I don't known what is my
problem, so let me explain.
I have a SQL Server with two ethernet cards, one used for me, IT
Department, and other used by normal users.
Every card is in a separated network (obviously):
192.168.1.100 with "db.domain.com" A record in DNS
172.16.10.100 with "db.public.domain.com" A record in DNS
This server is an AD domain computer with "db.domain.com" name, and the
DC is in 192.168.1.0/24 network.
I am in troubles when I try to connect with MSrSQL Management Studio
using db.public.domain.com... I doesn't works, I get an error similar to
"Login failed for user ''. The user is not associated with a trusted SQL
Server connection. [CLIENT: 172.16.10.101]"
If I change db.public.domain.com to a CNAME record pointing to
db.domain.com it works, but this is not desired because I want users to
use their network, 172.16.10.0/24.
Any issues? Any suggestions? Any idea? Please help me if you can :) I
tried to play with Service Principal Names (SPN's), but I can't manage
to connect with an A record.
Thanks in advance,
Sergio
SQL Server128
|
|
|
|
|
Paul
|
Posted: Wed Jan 09 07:58:01 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
Never use a multihomed server as a DC. So you need to either remove AD off
of this machine or remove one of the NIC's.
The link below has some info on this and I couldn't find the exact article
but I can guarantee you are going to have constant problems with this setup.
http://support.Microsoft.com/default.aspx?scid=kb;en-us;832478
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
> Hi all.
> I really don't known where to post because I don't known what is my
> problem, so let me explain.
>
> I have a SQL Server with two ethernet cards, one used for me, IT
> Department, and other used by normal users.
>
> Every card is in a separated network (obviously):
> 192.168.1.100 with "db.domain.com" A record in DNS
> 172.16.10.100 with "db.public.domain.com" A record in DNS
> This server is an AD domain computer with "db.domain.com" name, and the DC
> is in 192.168.1.0/24 network.
>
> I am in troubles when I try to connect with MSrSQL Management Studio using
> db.public.domain.com... I doesn't works, I get an error similar to "Login
> failed for user ''. The user is not associated with a trusted SQL Server
> connection. [CLIENT: 172.16.10.101]"
>
> If I change db.public.domain.com to a CNAME record pointing to
> db.domain.com it works, but this is not desired because I want users to
> use their network, 172.16.10.0/24.
>
> Any issues? Any suggestions? Any idea? Please help me if you can :) I
> tried to play with Service Principal Names (SPN's), but I can't manage to
> connect with an A record.
>
> Thanks in advance,
> Sergio
|
|
|
|
|
Sergio
|
Posted: Wed Jan 09 09:25:03 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
Sorry, I didn't explained well... it is not a DC, it is only a domain
member.
> Never use a multihomed server as a DC. So you need to either remove AD off
> of this machine or remove one of the NIC's.
>
> The link below has some info on this and I couldn't find the exact article
> but I can guarantee you are going to have constant problems with this setup.
>
> http://support.Microsoft.com/default.aspx?scid=kb;en-us;832478
>
|
|
|
|
|
Paul
|
Posted: Thu Jan 10 07:52:04 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
Sorry for the misunderstanding. I don't specifically see what the problem
is, but does this sql server allow SQL Server and AD authentication? If so
have you tried both methods? What about the Event Log what is the error you
are receiving?
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
> Sorry, I didn't explained well... it is not a DC, it is only a domain
> member.
>
>
>> Never use a multihomed server as a DC. So you need to either remove AD
>> off of this machine or remove one of the NIC's.
>>
>> The link below has some info on this and I couldn't find the exact
>> article but I can guarantee you are going to have constant problems with
>> this setup.
>>
>> http://support.Microsoft.com/default.aspx?scid=kb;en-us;832478
>>
|
|
|
|
|
Sergio
|
Posted: Thu Jan 10 09:46:39 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
The SQL Server has the next configuration
_________ _______
| | | |
NIC1 ------| SQL |--- NIC2 -----| DC |
10.10.10.1 | | 10.20.10.1 | DNS |
host.pub.dom.com -------- host.dom.com ------
In 10.20.10.0/24 network there is a DC of dom.com domain and a DNS wich
has both A entries.
My problem is that in the same SQL Server, I want to connect to
host.pub.dom.com database server and I can't.
If I use "host.pub.dom.com" can't connect. KO
If I use "host.dom.com" I can connect. OK
If I use "10.10.10.1" address, I can connect. OK
If I use "10.20.10.1" address, I can connect. OK
If I change the A record, "host.pub.dom.com", to a CNAME record pointing
to "host.dom.com"... I can connect.
Also, there is a router linking both networks
> Sorry for the misunderstanding. I don't specifically see what the problem
> is, but does this sql server allow SQL Server and AD authentication? If so
> have you tried both methods? What about the Event Log what is the error you
> are receiving?
>
|
|
|
|
|
Sergio
|
Posted: Thu Jan 10 09:47:57 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
The SQL Server has the next configuration
_________ _______
| | | |
NIC1 ------| SQL |--- NIC2 -----| DC |
10.10.10.1 | | 10.20.10.1 | DNS |
host.pub.dom.com -------- host.dom.com ------
In 10.20.10.0/24 network there is a DC of dom.com domain and a DNS wich
has both A entries.
My problem is that in the same SQL Server, I want to connect to
host.pub.dom.com database server and I can't.
If I use "host.pub.dom.com" can't connect. KO
If I use "host.dom.com" I can connect. OK
If I use "10.10.10.1" address, I can connect. OK
If I use "10.20.10.1" address, I can connect. OK
If I change the A record, "host.pub.dom.com", to a CNAME record pointing
to "host.dom.com"... I can connect.
Also, there is a router linking both networks
> Sorry for the misunderstanding. I don't specifically see what the problem
> is, but does this sql server allow SQL Server and AD authentication? If so
> have you tried both methods? What about the Event Log what is the error you
> are receiving?
>
|
|
|
|
|
Paul
|
Posted: Fri Jan 11 07:55:38 CST 2008 |
Top |
SQL Server >> "Multiple IP address in one SQL server" and "authentication problem
This sql box is not a router and the path host.pub.dom.com is not part of
your domain. The reason the cname works is you have it pointing to the
domain side.
I think you could get this to work if you loaded Routing and Remote Access,
but this is skewed.
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
> The SQL Server has the next configuration
> _________ _______
> | | | |
> NIC1 ------| SQL |--- NIC2 -----| DC |
> 10.10.10.1 | | 10.20.10.1 | DNS |
> host.pub.dom.com -------- host.dom.com ------
>
> In 10.20.10.0/24 network there is a DC of dom.com domain and a DNS wich
> has both A entries.
>
> My problem is that in the same SQL Server, I want to connect to
> host.pub.dom.com database server and I can't.
>
> If I use "host.pub.dom.com" can't connect. KO
> If I use "host.dom.com" I can connect. OK
> If I use "10.10.10.1" address, I can connect. OK
> If I use "10.20.10.1" address, I can connect. OK
> If I change the A record, "host.pub.dom.com", to a CNAME record pointing
> to "host.dom.com"... I can connect.
>
>
>
> Also, there is a router linking both networks
>
>> Sorry for the misunderstanding. I don't specifically see what the
>> problem is, but does this sql server allow SQL Server and AD
>> authentication? If so have you tried both methods? What about the Event
>> Log what is the error you are receiving?
>>
|
|
|
|
|
|
|