none
SQL Server and Active Directory Trusts RRS feed

  • Question

  • Hello,

    In order to stop using SQL users on our environment we decided to use Windows users. So this is the full picture.

    We have AD A and AD B. AD B has the databases (SQL Server 2016) and trusts users from AD A to login.

    I have set up windows logins from AD A in the databases in AD B.

    The problem is the connectivity is really slow. I do not think this is a bottleneck issue but rather some bad configuration.

    To see what happens on the server side I set up an audit and asked a user to login with windows authentication.

    I noticed that there are 3-4 login failed whenever he logs in. Also these appear when he tries to do something. 

    Any tips on improving performance? 

    Thank you,

    Bogdan


    Monday, November 11, 2019 10:03 AM

All replies

  • Hi Bogdan,

    Could you please share us  error message when login failed? Please check if below link could help you. Cross Domain SQL Server Logins Using Windows Authentication.

    Hope this could help you.

    Best regards,
    Cathy 

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to  MSDN Support, feel free to contact MSDNFSF@microsoft.com

    Tuesday, November 12, 2019 8:02 AM
  • Hello Cathy,

    I have read the article, thank you.

    Here is the error i'm receiving :

    Statement Network error code 0x2746 occurred while establishing a connection; the connection has been closed. This may have been caused by client or server login timeout expiration. Time spent during login: total 4508 ms, enqueued 0 ms, network writes 0 ms, network reads 4508 ms, establishing SSL 0 ms, network reads during SSL 0 ms, network writes during SSL 0 ms, secure calls during SSL 0 ms, enqueued during SSL 0 ms, negotiating SSPI 0 ms, network reads during SSPI 0 ms, network writes during SSPI 0 ms, secure calls during SSPI 0 ms, enqueued during SSPI 0 ms, validating login 0 ms, including user-defined login processing 0 ms. [CLIENT: IP]
    Additional Information <action_info xmlns="http://schemas.microsoft.com/sqlserver/2008/sqlaudit_data"><pooled_connection>0</pooled_connection><error>0x000045a6</error><state>105</state><address>IP</address></action_info>

    I noticed that this only happens in SSMS. Azure Data Studio and sqlcmd seem to work much better.

    Seems to be a DNS issue so i added the server ip to the hosts file.

    The problem that I have now is that i wouldn't want to add the ip's manually or via gpo.

    Any suggestions?

    Thank you,

    Bogdan


    Tuesday, November 12, 2019 9:58 AM
  • Can anyone give some suggestions please?
    Monday, November 25, 2019 12:32 PM