Share via

Windows Authentication for SQL Server linux

David Collins 1 Reputation point
2022-12-29T15:54:19.057+00:00

I'm attempting to establish Windows Authentication based logins on a rhel8 server hosting SQL server 2019. I've done this following the link here

I have:

  • Ensured the rhel machine is domain joined.
  • SPN created, as per the above link.
  • SPN's and Keytab files re-created to rule out any mistakes.
  • Machines can communicate, ports open, etc.
  • User is added as a "Windows User" on the SQL server.
  • Host file accurate on the rhel machine (also added a windows host file entry for good measure)
  • Re-evaluated values in command outputs such as "klist, setspn -l " etc.

Every time I attempt to log in with a Windows user I get this error, both when I log in locally (on the server itself) or from SSMS on the Windows machine.

The login is from an untrusted domain and cannot be used with Windows authentication

On a final point, I have tried Kerberos config manager but failed every time I tried to connect to my server, not sure if this is a win > linux thing a very obvious issue!?

If someone would be able to offer any possible solutions or further troubleshooting (go-to error logs?) it'd sure be appreciated. Thanks.

Windows for business Windows Server User experience Other
SQL Server Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Seeya Xi-MSFT 16,586 Reputation points
    2022-12-30T05:56:49.95+00:00

    Hi @David Collins ,

    Have you checked the error log? Do you have the relevant error messages?
    Please refer to this article: https://arslan-bobir.medium.com/sql-server-troubleshooting-resolving-the-login-is-from-an-untrusted-domain-and-cannot-be-used-7a1a6c715817

    Best regards,
    Seeya

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. David Collins 1 Reputation point
    2022-12-30T09:36:28.357+00:00

    Hi @Seeya Xi-MSFT , thanks for your reply.

    Screenshot of the error message I'm getting at /var/opt/mssql/log

    I'm logging in as DOMAIN\mssql, this is the user I have created the SPN with, logged into linux with and tried locally there, or via SSMS as that user.

    275006-screenshot-2022-12-30-093213.png

    For further clarity, as per the link you have sent above and like I've seen elsewhere, apparently the results of this SQL statement auth scheme should return a "Kerberos" entry after creating an SPN, however as per the image below mine does not. Just adding incase it helps.

    274930-screenshot-2022-12-30-093213.png

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.