NT AuthorityAnonymous Logon in SQL service instance

  • 18 December 2015
  • 0 replies
  • 71 views

Badge +10


 

Symptoms


NT Authority/Anonymous Login error on SQL service instance when "set native execution" is checked.
 

Diagnoses


The behavior of K2 in this scenario is as follows.

1. K2 connects to it's SQL database (hosting the K2 Server DB)
2. K2 uses that SQL connection, to connect to the 'other' SQL server, and passes the credentials used to login
3. This creates a double hop scenario, as this is not possible with standard authentication, we see the error referencing NT AUTHORITYAnonymous Login. (http://blogs.technet.com/b/askds/archive/2008/06/13/understanding-kerberos-double-hop.aspx)
 

Resolution

There are two options to resolve this issue. Disabling native execution works in a different way than previous, and does not customize the query passed to SQL. In essence, K2 returns the entire data set and does filtering on that set internally.

The other option, is to configure Kerberos, which eliminates this double hop issue without a performance impact.




 

0 replies

Be the first to reply!

Reply