Loading

Linux client with AD authentication login windows SQL Server

Pre-Work

  • linux should join AD same as SQL Server
  • setspn on windows SQL Server for linux

Windows SQL Server

C:\Users\Administrator>setspn -L sqladmin
Registered ServicePrincipalNames for CN=sqladmin,CN=Users,DC=sqlrepro,DC=edu:
        MSSQLSvc/primarydc.sqlrepro.edu:1433
        MSSQLSvc/primarydc:1433
        MSSQLSvc/2016cl.sqlrepro.edu:1433

C:\Users\Administrator>setspn -S MSSQLSvc/linux.sqlrepro.edu:1433 sqlrepro\sqladmin     # linux.sqlrepro.edu is linux server which joined AD
Checking domain DC=sqlrepro,DC=edu

Registering ServicePrincipalNames for CN=sqladmin,CN=Users,DC=sqlrepro,DC=edu
        MSSQLSvc/linux.sqlrepro.edu:1433
Updated object

C:\Users\Administrator>setspn -L sqladmin
Registered ServicePrincipalNames for CN=sqladmin,CN=Users,DC=sqlrepro,DC=edu:
        MSSQLSvc/linux.sqlrepro.edu:1433
        MSSQLSvc/primarydc.sqlrepro.edu:1433
        MSSQLSvc/primarydc:1433
        MSSQLSvc/2016cl.sqlrepro.edu:1433

linux:

[sqladmin@sqlrepro.edu@linux ~]$ hostname
linux.sqlrepro.edu
[sqladmin@sqlrepro.edu@linux ~]$ realm -v join -U "administrator@SQLREPRO.EDU" SQLREPRO.EDU
 * Resolving: _ldap._tcp.sqlrepro.edu
 * Performing LDAP DSE lookup on: 192.168.2.50
 * Successfully discovered: sqlrepro.edu
realm: Already joined to this domain
[sqladmin@sqlrepro.edu@linux ~]$ id sqladmin@SQLREPRO.EDU
uid=1626404604(sqladmin@sqlrepro.edu) gid=1626400513(domain users@sqlrepro.edu) groups=1626400513(domain users@sqlrepro.edu)
[sqladmin@sqlrepro.edu@linux ~]$ kinit sqladmin@SQLREPRO.EDU
Password for sqladmin@SQLREPRO.EDU:
[sqladmin@sqlrepro.edu@linux ~]$ klist
Ticket cache: KEYRING:persistent:1626404604:1626404604
Default principal: sqladmin@SQLREPRO.EDU

Valid starting       Expires              Service principal
08/15/2022 02:52:21  08/15/2022 12:52:21  krbtgt/SQLREPRO.EDU@SQLREPRO.EDU
        renew until 08/22/2022 02:52:18
[sqladmin@sqlrepro.edu@linux ~]$ whoami
sqladmin@sqlrepro.edu
[sqladmin@sqlrepro.edu@linux ~]$ sqlcmd -S primarydc -E -Q'select system_user'
                                                                                                           
--------------------------------------------------------------------------------------------------------------------------------
SQLREPRO\sqladmin                                                                                          

(1 rows affected)

作者:Jas0n0ss

出处:https://www.cnblogs.com/Jas0n0ss/p/16588617.html

版权:本作品采用「MIT」许可协议进行许可。

posted @   Jas0n0ss  阅读(67)  评论(0编辑  收藏  举报
相关博文:
·  Linux Server Join Windows Active Directory
·  Linux client login windows SQL Server with keytab
·  疫情远程办公Citrix XenDesktop 2203长期稳定版本虚拟云桌面部署教程
·  【深度分析】关于SPN不正确导致SQL数据库连接失败
·  AD 域服务简介和使用——其实都是配置dns和域控服务器,各pc加入域,然后设置账号,用AD来进行统一管理
阅读排行:
· winform 绘制太阳,地球,月球 运作规律
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· AI 智能体引爆开源社区「GitHub 热点速览」
· 写一个简单的SQL生成工具
· Manus的开源复刻OpenManus初探
more_horiz
keyboard_arrow_up light_mode palette
选择主题
点击右上角即可分享
微信分享提示