Cluster Nodes and Windows Domains
All nodes in the cluster must be members of the same
domain and able to access a domain controller and a Domain
Name System (DNS) server, as well as a WINS server. The
nodes should not be configured as domain controllers if
you are going to install SQL Server, as you may encounter
some problems, including the fact that domain controller
functionality (such as Active Directory) is not cluster
aware, so all information will be local. This impacts
things such as a directory enabled program's ability to
publish under the virtual server's computer object, which
does not work in a cluster. A WINS server is still
required for Windows 2000/SQL Server 2000 in a clustered
environment if name resolution of virtual resource is
required.
My question:
After reading the above paragraph. I want to setup two
nodes as peer to peer domain controllers running Windows
2000 Advanced, SQL Server 2000, Active directory service
running on each node, in a cluster environment.
What part of this is not cluster aware?
Why do I need a WINS server if I have DNS?
Why can't my nodes be a domain controller?( I'm using the
company's DNS server)
What does this means? (directory enabled program's ability
to publish under the virtual server's computer object,
which does not work in a cluster.)I would never, ever recommend installing SQL Server on a domain controller.
The security exposure is huge.
Steve
"Tony" <tony.baks@.tdh.state.tx.us> wrote in message
news:038001c35089$9061b550$a301280a@.phx.gbl...
> Cluster Nodes and Windows Domains
> All nodes in the cluster must be members of the same
> domain and able to access a domain controller and a Domain
> Name System (DNS) server, as well as a WINS server. The
> nodes should not be configured as domain controllers if
> you are going to install SQL Server, as you may encounter
> some problems, including the fact that domain controller
> functionality (such as Active Directory) is not cluster
> aware, so all information will be local. This impacts
> things such as a directory enabled program's ability to
> publish under the virtual server's computer object, which
> does not work in a cluster. A WINS server is still
> required for Windows 2000/SQL Server 2000 in a clustered
> environment if name resolution of virtual resource is
> required.
> My question:
> After reading the above paragraph. I want to setup two
> nodes as peer to peer domain controllers running Windows
> 2000 Advanced, SQL Server 2000, Active directory service
> running on each node, in a cluster environment.
> What part of this is not cluster aware?
> Why do I need a WINS server if I have DNS?
Many applications still require WINS...
> Why can't my nodes be a domain controller?( I'm using the
> company's DNS server)
HUGE security exposure, consider using a member server for your SQL Server
implementation.
> What does this means? (directory enabled program's ability
> to publish under the virtual server's computer object,
> which does not work in a cluster.)
Showing posts with label domains. Show all posts
Showing posts with label domains. Show all posts
Sunday, March 25, 2012
Friday, February 24, 2012
Clients in different domains
I have situation like this:
Company with one head office and one remote office. In the two offices I have two domains with two PDCs. The two networks are connected with eachother through leased line and the routers are configured properly. The SQL Server is on the PDC in head office and "local" clients connect fine. I cannot connect from the remote office. I think that I have folowing solutions:
1. make trust relationships between two domains - it will be hard a little bit because second PDC is samba on linux
2. make all clients in remote office to be members of the head office domain - potential problems if the leased line drops
3. make all clients to log in with same account as SQL Server logs locally - stupid
4. something else - what?
Thanks in advance!
DanielSql authentication is designed for such cases as this.
http://msdn.microsoft.com/library/en-us/architec/8_ar_cs_79kj.asp|||I am with SQL Server authentication and despite of this I cannot connect from some computers...|||Take a look at the following kb and make sure the firewall is setup correctly.
http://support.microsoft.com/default.aspx?scid=kb;en-us;287932
Company with one head office and one remote office. In the two offices I have two domains with two PDCs. The two networks are connected with eachother through leased line and the routers are configured properly. The SQL Server is on the PDC in head office and "local" clients connect fine. I cannot connect from the remote office. I think that I have folowing solutions:
1. make trust relationships between two domains - it will be hard a little bit because second PDC is samba on linux
2. make all clients in remote office to be members of the head office domain - potential problems if the leased line drops
3. make all clients to log in with same account as SQL Server logs locally - stupid
4. something else - what?
Thanks in advance!
DanielSql authentication is designed for such cases as this.
http://msdn.microsoft.com/library/en-us/architec/8_ar_cs_79kj.asp|||I am with SQL Server authentication and despite of this I cannot connect from some computers...|||Take a look at the following kb and make sure the firewall is setup correctly.
http://support.microsoft.com/default.aspx?scid=kb;en-us;287932
Thursday, February 16, 2012
Client Network Utility cannot create alias for VPN SQL server connection?
I am trying to connect two SQL servers in different non-trusted domains.
SQLServer11 in Domain A and SQLServer22 in domain B. This is through a VPN
connection. Domain A has the VPN server. On SQLServer22 I could ping
SQLServer11.mydomain.local at IP address 192.168.100.50. On SQLServer22 I
use the client network utility to create an alias for SQLServer11 as
follows:
Network Libraries: TCP/IP
Server name: 192.168.100.50
Port No: 1433
Server alias: SQLServer11
Then I registered the new SQLServer11 in enterprise manager. But I keep
getting the error message "SQL server does not exist or access
denied.ConnectionOpen(Connect())" .
Why is this so? And how can I rectify the problem'If you use ping -a <ip address> does it bring back the correct name for the
server? If you ping SQLServer11 does it return the proper ip address? If
you are using NT authentication to register then try SQL authentication..
Verify that it is using port 1433 and that SQL Server is actually listening
on TCP/IP.
Rand
This posting is provided "as is" with no warranties and confers no rights.
SQLServer11 in Domain A and SQLServer22 in domain B. This is through a VPN
connection. Domain A has the VPN server. On SQLServer22 I could ping
SQLServer11.mydomain.local at IP address 192.168.100.50. On SQLServer22 I
use the client network utility to create an alias for SQLServer11 as
follows:
Network Libraries: TCP/IP
Server name: 192.168.100.50
Port No: 1433
Server alias: SQLServer11
Then I registered the new SQLServer11 in enterprise manager. But I keep
getting the error message "SQL server does not exist or access
denied.ConnectionOpen(Connect())" .
Why is this so? And how can I rectify the problem'If you use ping -a <ip address> does it bring back the correct name for the
server? If you ping SQLServer11 does it return the proper ip address? If
you are using NT authentication to register then try SQL authentication..
Verify that it is using port 1433 and that SQL Server is actually listening
on TCP/IP.
Rand
This posting is provided "as is" with no warranties and confers no rights.
Subscribe to:
Posts (Atom)