Share via

SQL Server Linked Server Authentication Issue After Windows 11 Upgrade

Veronika Komarov - X 5 Reputation points
2024-10-10T14:24:57.1766667+00:00

After upgrading client machines to Windows 11, SQL Server Linked Servers configured with "Be made using login’s security context" authentication stopped functioning, resulting in the error: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. What steps can be taken to resolve this issue?

Windows for business Windows Client for IT Pros User experience Other
SQL Server Other

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Wesley Li 11,245 Reputation points
    2024-10-11T07:48:19.4766667+00:00

    Hello

    It seems that the issue you're encountering with SQL Server Linked Servers after upgrading to Windows 11 is related to authentication and the Kerberos protocol.

    Linked Server Account Mapping Issue: You might encounter these error messages because of a linked server account mapping issue. You can correct this error by forcing TCP/IP or granting the appropriate permissions. In the Linked Server security dialog box, select "Be made with this security context" for a successful SQL Server login. When you select "Be made without using a security context" option, you will see the error message: "Login Failed for user NT AUTHORITY\ANONYMOUS LOGON" .

    Windows Defender Credential Guard: Disabling Windows Defender Credential Guard has been reported to resolve similar issues. You can manage Credential Guard settings through Group Policy .

    Group Policy Settings: Go to Group Policy and select LDAP for signing none in security settings, then try to go around RPC to authenticate everything and finally check Kerberos armoring in Group Policy with KDC. Try disabling Group Policy computer configuration and user configuration and restart the computer to try again .

    0 comments
  2. newbie 0 Reputation points
    2025-02-27T08:10:05.6766667+00:00

    As I know, this error only effected to domain user, but not for local user.

    Temporary Workaround: Rollback to Windows 23H2

    Rolling back to Windows 23H2 restored normal linked server functionality. Do not use the "Uninstall Windows Update" option. Instead, go to System > Recovery and use the "Go Back" option to revert to the previous version. However, this is not a practical long-term solution since regular updates are essential.

    Final Solution: Enhance Linked Server Security Settings

    Instead of rolling back, I made the following changes to the Linked Server Security Properties:

    1. Go to Linked Server Properties → Security.
    2. Under "Local server login to remote server login mappings", add explicit mappings:
    • Select the domain account that needs access.
      • Map it to a remote SQL login/Local SQL user with appropriate permissions.
      • Ensure domain users are mapped to a SQL login to prevent anonymous authentication failures.

    By explicitly mapping domain users to a local SQL login, the linked server now works correctly even on Windows 24H2.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.