How to enable windows authentication on server that is not part of domain
We have an SQL server instance running on a standalone server (not part of the organizations domain network). Is there any way that we can use windows authentication to logon to sql server without having to add the remote server to the domain. I hope my question is clear, what is want is to be able to logon to sql server using windows authentication from my client, but I am not able to add windows users in sql server because the server is not part of the domain and so cannot identify the domain users that I am trying to add. Is there any way to get around this?
Thanks in advance.
sql-server sql-server-2008 security authentication
asked Oct 27 '14 at 10:33
user38729user38729
2813
add a comment |
We have an SQL server instance running on a standalone server (not part of the organizations domain network). Is there any way that we can use windows authentication to logon to sql server without having to add the remote server to the domain. I hope my question is clear, what is want is to be able to logon to sql server using windows authentication from my client, but I am not able to add windows users in sql server because the server is not part of the domain and so cannot identify the domain users that I am trying to add. Is there any way to get around this?
Thanks in advance.
sql-server sql-server-2008 security authentication
asked Oct 27 '14 at 10:33
user38729user38729
2813
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago
add a comment |
We have an SQL server instance running on a standalone server (not part of the organizations domain network). Is there any way that we can use windows authentication to logon to sql server without having to add the remote server to the domain. I hope my question is clear, what is want is to be able to logon to sql server using windows authentication from my client, but I am not able to add windows users in sql server because the server is not part of the domain and so cannot identify the domain users that I am trying to add. Is there any way to get around this?
Thanks in advance.
sql-server sql-server-2008 security authentication
asked Oct 27 '14 at 10:33
user38729user38729
2813
We have an SQL server instance running on a standalone server (not part of the organizations domain network). Is there any way that we can use windows authentication to logon to sql server without having to add the remote server to the domain. I hope my question is clear, what is want is to be able to logon to sql server using windows authentication from my client, but I am not able to add windows users in sql server because the server is not part of the domain and so cannot identify the domain users that I am trying to add. Is there any way to get around this?
Thanks in advance.
sql-server sql-server-2008 security authentication
sql-server sql-server-2008 security authentication
asked Oct 27 '14 at 10:33
user38729user38729
2813
asked Oct 27 '14 at 10:33
user38729user38729
2813
asked Oct 27 '14 at 10:33
user38729user38729
2813
asked Oct 27 '14 at 10:33
user38729user38729
2813
asked Oct 27 '14 at 10:33
user38729user38729
2813
2813
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago
add a comment |
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago
add a comment |
4 Answers
4
active
oldest
votes
Plan answer: No.
Let me explain:
Windows Authentication is just that, authenticating with a Window's login. So if you are dealing with a workgroup computer where you are on a domain it will not work, because that server can only authenticate a local account.
If you are talking about connecting with SSMS, you can try the runas coomand through command prompt and use the "netonly" parameter. I use this for connecting from workgroup to domain.
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
add a comment |
In short, no it won't work.
There are two types of windows authentication, local and domain. Seeing as how you're asking about your domain logon, that's clearly the second kind.
When you try to authenticate to a domain logon, the local machine will go up the chain in its domain group, and ask for a domain controller to authenticate your credentials.
Seeing as how the SQL server is in a workgroup, it doesn't know your domain controllers exist, let alone how to validate your credentials.
However, if your only concern is using windows users to connect to the SQL server, not necessarily using your own credentials (IE you don't want to use SQL users). This can be achieved using runas and a local user on the SQL machine. MSSQLTips post about this.
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
add a comment |
Set the 'server name' to be the name of the computer and select Windows Authentication then this should log you on locally.
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
add a comment |
By the time it was possible to Use the same domain credentials (password and username) in a created local account , where you were able to login locally, but this adds more hassle and admin overhead
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "182"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f81149%2fhow-to-enable-windows-authentication-on-server-that-is-not-part-of-domain%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Plan answer: No.
Let me explain:
Windows Authentication is just that, authenticating with a Window's login. So if you are dealing with a workgroup computer where you are on a domain it will not work, because that server can only authenticate a local account.
If you are talking about connecting with SSMS, you can try the runas coomand through command prompt and use the "netonly" parameter. I use this for connecting from workgroup to domain.
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
add a comment |
Plan answer: No.
Let me explain:
Windows Authentication is just that, authenticating with a Window's login. So if you are dealing with a workgroup computer where you are on a domain it will not work, because that server can only authenticate a local account.
If you are talking about connecting with SSMS, you can try the runas coomand through command prompt and use the "netonly" parameter. I use this for connecting from workgroup to domain.
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
add a comment |
Plan answer: No.
Let me explain:
Windows Authentication is just that, authenticating with a Window's login. So if you are dealing with a workgroup computer where you are on a domain it will not work, because that server can only authenticate a local account.
If you are talking about connecting with SSMS, you can try the runas coomand through command prompt and use the "netonly" parameter. I use this for connecting from workgroup to domain.
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
Plan answer: No.
Let me explain:
Windows Authentication is just that, authenticating with a Window's login. So if you are dealing with a workgroup computer where you are on a domain it will not work, because that server can only authenticate a local account.
If you are talking about connecting with SSMS, you can try the runas coomand through command prompt and use the "netonly" parameter. I use this for connecting from workgroup to domain.
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
answered Oct 27 '14 at 11:12
Shawn MeltonShawn Melton
14.4k43782
14.4k43782
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
add a comment |
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
Thanks for the reply. Is it possible to add the server to the domain but prevent users from being able to logon to the server using say RDP with their domain credentials. If we manage to add the server to the domain, we still want the users to only logon to sql server using ssms clients but not to the server directly.
– user38729
Oct 27 '14 at 12:00
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 You should be able to manage RDP credentials separately from SQL Server. Every time we bring a new SQL Server online, I can always connect to SQL Server, but I need to ask for remote desktop privileges. (I am not sure if that's how it works by default, or if we have group policy that prevents RDP, but you certainly can prevent users from RDPing.)
– Aaron Bertrand♦
Oct 27 '14 at 13:12
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 Having installed several machines, yes it is very easy to manage. Simply allow for tcp connections to port 1433, enable SQL Server Browser service, and add a user in the SQL Server instance that is allowed for remote logon to SQL server. You don't need to touch the RDP settings as it should be denied by default, however you could specifically deny users to remotely logon to the machine to be sure.
– Reaces
Oct 27 '14 at 13:23
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
@user38729 That is something to speak with your AD administrators about. Terminal Services access (RDP) is something that is controlled by AD Group Policies. The default domain policy will be applied to the server when it is first added to the domain. Generally most AD administrators are going to place a server into an OU (e.g. like folder) that will have additional group policies to modify access. You will need to speak with them on what policy they have and what you need.
– Shawn Melton
Oct 27 '14 at 16:02
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
Thanks a lot for all your replies, your answers will help me decide on how to go about doing this.
– user38729
Oct 28 '14 at 11:47
add a comment |
In short, no it won't work.
There are two types of windows authentication, local and domain. Seeing as how you're asking about your domain logon, that's clearly the second kind.
When you try to authenticate to a domain logon, the local machine will go up the chain in its domain group, and ask for a domain controller to authenticate your credentials.
Seeing as how the SQL server is in a workgroup, it doesn't know your domain controllers exist, let alone how to validate your credentials.
However, if your only concern is using windows users to connect to the SQL server, not necessarily using your own credentials (IE you don't want to use SQL users). This can be achieved using runas and a local user on the SQL machine. MSSQLTips post about this.
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
add a comment |
In short, no it won't work.
There are two types of windows authentication, local and domain. Seeing as how you're asking about your domain logon, that's clearly the second kind.
When you try to authenticate to a domain logon, the local machine will go up the chain in its domain group, and ask for a domain controller to authenticate your credentials.
Seeing as how the SQL server is in a workgroup, it doesn't know your domain controllers exist, let alone how to validate your credentials.
However, if your only concern is using windows users to connect to the SQL server, not necessarily using your own credentials (IE you don't want to use SQL users). This can be achieved using runas and a local user on the SQL machine. MSSQLTips post about this.
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
add a comment |
In short, no it won't work.
There are two types of windows authentication, local and domain. Seeing as how you're asking about your domain logon, that's clearly the second kind.
When you try to authenticate to a domain logon, the local machine will go up the chain in its domain group, and ask for a domain controller to authenticate your credentials.
Seeing as how the SQL server is in a workgroup, it doesn't know your domain controllers exist, let alone how to validate your credentials.
However, if your only concern is using windows users to connect to the SQL server, not necessarily using your own credentials (IE you don't want to use SQL users). This can be achieved using runas and a local user on the SQL machine. MSSQLTips post about this.
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
In short, no it won't work.
There are two types of windows authentication, local and domain. Seeing as how you're asking about your domain logon, that's clearly the second kind.
When you try to authenticate to a domain logon, the local machine will go up the chain in its domain group, and ask for a domain controller to authenticate your credentials.
Seeing as how the SQL server is in a workgroup, it doesn't know your domain controllers exist, let alone how to validate your credentials.
However, if your only concern is using windows users to connect to the SQL server, not necessarily using your own credentials (IE you don't want to use SQL users). This can be achieved using runas and a local user on the SQL machine. MSSQLTips post about this.
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
answered Oct 27 '14 at 11:34
ReacesReaces
1,67631432
1,67631432
add a comment |
add a comment |
Set the 'server name' to be the name of the computer and select Windows Authentication then this should log you on locally.
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
add a comment |
Set the 'server name' to be the name of the computer and select Windows Authentication then this should log you on locally.
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
add a comment |
Set the 'server name' to be the name of the computer and select Windows Authentication then this should log you on locally.
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
Set the 'server name' to be the name of the computer and select Windows Authentication then this should log you on locally.
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
answered Oct 27 '14 at 10:58
SQLBenSQLBen
152417
152417
add a comment |
add a comment |
By the time it was possible to Use the same domain credentials (password and username) in a created local account , where you were able to login locally, but this adds more hassle and admin overhead
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
By the time it was possible to Use the same domain credentials (password and username) in a created local account , where you were able to login locally, but this adds more hassle and admin overhead
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
By the time it was possible to Use the same domain credentials (password and username) in a created local account , where you were able to login locally, but this adds more hassle and admin overhead
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
By the time it was possible to Use the same domain credentials (password and username) in a created local account , where you were able to login locally, but this adds more hassle and admin overhead
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 21 mins ago
Michael SMichael S
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 21 mins ago
Michael SMichael S
1
answered 21 mins ago
Michael SMichael S
1
1
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Michael S is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Database Administrators Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f81149%2fhow-to-enable-windows-authentication-on-server-that-is-not-part-of-domain%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
You can setup an account with the same name as your domain user and it can use Windows authentication. However it will not be as safe as having a Kerberos ticket used. You will actually leak your domain password (hash) to that server. It’s better to use sqlauthentication with a totally unrelated username and password.
– eckes
7 mins ago