cross forest authenticatoin sql 2016

Jack Brasher 21 Reputation points
2021-02-12T21:53:14.973+00:00

Have the following:
Client AD Forest (non-azure) with an RDS Server. Primary Forest (non-anzure) that houses a SQL 2016 Server. Bi-Directional Trust exists between domains.
.
I need for users in the Client Forest to be able to use their domain accounts to access a SQL Instance on my SQL Server.
.
Using SSMS, I can add Users and Groups from the Client Domain and grant permissions on the individual databases within that instance.
.
However, when testing from the client RDS Server, I get Failed Login. DB access is working because I can use a SQL Account (such as SA) and access is successful.
.
Any suggestions for configuration or troubleshooting?

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
13,645 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,413 questions
{count} votes

Accepted answer
  1. Fan Fan 15,326 Reputation points Microsoft Vendor
    2021-02-15T02:26:00.053+00:00

    Hi,

    I would recommend you enable the audit policy for the logon .
    Then Failure events will show you failed logon attempts and the reason why these attempts failed.
    For more details you can refer to :
    https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/audit-logon
    Best Regards,

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.