Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
malachi151
Posting Yak Master
152 Posts |
 Posted - 2012-03-01 : 17:54:24
|
| I know this is a stupid way to go about things, but I'm curious about how it might be done if we need to do it.I'm not the DBA or sys admin here, and we don't have delegation setup properly to allow Windows Authentication for linked logins, so right now all linked logins use a dedicated SQL login.What I wonder is, is it possible to DENY permissions to use a linked server to users?Can you do like DENY X ON SomeLinkedServer TO principle?I'm not sure what X should be???--------------------------------------------------My blog: http://practicaltsql.net/Twitter: @RGPSoftware |
|
|
influent
Constraint Violating Yak Guru
367 Posts |
Posted - 2012-03-01 : 19:50:04
|
| I could be wrong but I'm pretty sure that's not possible.http://stackoverflow.com/questions/3136015/sql-server-how-to-deny-users-access-to-linked-servers |
 |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
|
|
malachi151
Posting Yak Master
152 Posts |
Posted - 2012-03-02 : 12:50:25
|
| That's kinda what I was afraid of. We'll get delegation working and use the security context of the logged in user...--------------------------------------------------My blog: http://practicaltsql.net/Twitter: @RGPSoftware |
|
|
|
russell
Pyro-ma-ni-yak
5072 Posts |
Posted - 2012-03-02 : 12:55:00
|
quote:
Originally posted by malachi151
That's kinda what I was afraid of. We'll get delegation working and use the security context of the logged in user...--------------------------------------------------My blog: http://practicaltsql.net/Twitter: @RGPSoftware
That ought to take like 5 minutes. Why are you afraid? |
|
|
|
malachi151
Posting Yak Master
152 Posts |
Posted - 2012-03-02 : 14:58:32
|
quote:
Originally posted by russell
quote:
Originally posted by malachi151
That's kinda what I was afraid of. We'll get delegation working and use the security context of the logged in user...--------------------------------------------------My blog: http://practicaltsql.net/Twitter: @RGPSoftware
That ought to take like 5 minutes. Why are you afraid?
I'm not the one doing it. :p--------------------------------------------------My blog: http://practicaltsql.net/Twitter: @RGPSoftware |
|
|
|
russell
Pyro-ma-ni-yak
5072 Posts |
Posted - 2012-03-02 : 16:08:34
|
| Good answer lol. |
|
|
|
GilaMonster
Master Smack Fu Yak Hacker
4507 Posts |
Posted - 2012-03-02 : 17:06:34
|
| Kerberos delegation is one of those things where if it works it takes 5 min, if it doesn't work, it's more like 5 days of pulling hair out.Malachi, if you struggle getting Kerberos delegation working maybe see if you can get hold of SQL Server MVP Deep Dives 1. There's a chapter on configuring Kerberos delegation in there.--Gail ShawSQL Server MVP |
|
|
|
|
|
|
DENY permissions to linked server?