cross forest authenticatoin sql 2016

Question

cross forest authenticatoin sql 2016

Jack B 21

Have the following:
Client AD Forest (non-azure) with an RDS Server. Primary Forest (non-anzure) that houses a SQL 2016 Server. Bi-Directional Trust exists between domains.
.
I need for users in the Client Forest to be able to use their domain accounts to access a SQL Instance on my SQL Server.
.
Using SSMS, I can add Users and Groups from the Client Domain and grant permissions on the individual databases within that instance.
.
However, when testing from the client RDS Server, I get Failed Login. DB access is working because I can use a SQL Account (such as SA) and access is successful.
.
Any suggestions for configuration or troubleshooting?

Sean Gallardy - MSFT 1,886 Reputation points Microsoft Employee

2021-02-13T02:26:11.617+00:00

You get login failed, which is 18456, what's the STATE value of that? You'll need to look in the engine errorlog.

Sean Gallardy - MSFT 1,886 Reputation points Microsoft Employee

2021-02-13T02:26:11.617+00:00

You get login failed, which is 18456, what's the STATE value of that? You'll need to look in the engine errorlog.

Answer 1

Fan Fan 15,266 Microsoft Vendor

Hi,

I would recommend you enable the audit policy for the logon .
Then Failure events will show you failed logon attempts and the reason why these attempts failed.
For more details you can refer to :
https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/audit-logon
Best Regards,

cross forest authenticatoin sql 2016

0 additional answers

Activity