Setting up Transactional Replication across an untrusted domain boundary


  • In my Transactional Replication schema, I have a SQL Server 2012 Distributor on server1, with a SQL Server 2005 Publication on server2, and I have the SQL 2012 subscriber on server3, which is in a separate untrusted domain. 

    I'm having a difficult time figuring how to setup the security to use Windows Passthrough Authentication in the replication jobs.  I know I need to make a proxy for the subscriber account on the Distributor for the push transactional replication, but I haven't been able to find a good example of the Method Of Procedure (MOP) to do that.  I've found many references to KB:321822 Replicate Between Computers Running SQL Server in Non-Trusted Domains or Across the Internet,  but that link is dead.  I am using Sebastian Meine's book "Fundatmental of SQL Server 2012 Replication" as my resource, which give good and clear guidance on how to set it up, but doesn't cover this situation.

    Does anyone have KB:321822, or it's equivalent?


    Brandon Forest SQL Server DBA

    Thursday, June 7, 2018 9:40 PM

All replies

  • Use passthrough authentication. Have a local machine account on the subscriber with the same account name password combination in the local users group on the subscriber server.

    Ensure that this account is in the db_owner role on the subscriber in the subscription database.

    Thursday, June 7, 2018 10:49 PM