![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 51%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
SQL Server | Other
Additional SQL Server features and topics not covered by specific categories
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
This is the famous double-hop issue. That is, when you connect from ServerA from ServerC, ServerA must be able to send your security token to ServerB. For this work, you need to have Kerberos running and SPNs in place. If you are in a workgroup and not a domain, it is unlikely that you can get it to work at all.
As a starting point, when you connect from ServerC, run this query:
SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid
If it says KERBEROS, that's at least a start. If it says NTLM, that's the first thing to you need to change.
I'm not very good at this stuff myself, but I have found that David Postlewaite's presentations has helped me to understand a little bit. You can watch him on YouTube here: https://www.youtube.com/watch?v=oY9-qctTMwQ