Tag Archives: active directory

Add Remote Network Service Account to SQL Server

I make extensive use of virtual machines for testing purposes. I recently needed to allow the Network Service account of one of my VMs to connect to SQL Server on another of my VMs. Both machines are on the same domain, so I thought I could use the search feature on the new login dialog to find the Network Service for that machine. Unfortunately it was not so simple. I also had quite a difficult time find information about it on Google.

It turns out to be rather simple though. You just append $ to the name of the remote machine. Suppose my remote machine is on the domain “OURS”, and the machine’s name is “MINE”. Then the SQL login for the Network Service account on MINE is “OURS\MINE$”. You won’t be able to verify this with “Check Name” though. You’ll have to actually try connecting the the SQL Server from the remote machine to make sure it works properly.

Hopefully this will save someone else an hour or two of searching on Google.

Using IE to Connect to a Keberos Enabled Non-Default Port SharePoint Site

So that title may be a bit to swallow…. Basically, Internet Explorer does not handle authenticating to a Kerberos enabled website running on a non-default port..

For example, I created the SharePoint central administration site on host computer MOSS (port 1000) to use Kerberos authentication. I add the service principle name (HTTP/MOSS:1000, HTTP/MOSS.domainname:1000), required for Kerberos authentication, to the central administration site’s application pool account in Active Directory. When I attempt to browse to the central admin site from another computer in the domain (my host running ie 8) I get an unauthorized message after several failed attempts to login to the site with the farm administrator’s credentials. If you go back to the the central admin site’s host (MOSS2007) and tweak the local security policy to audit failed logins then you should see Kerberos 529 events in the security log (if you attempt to reach the page again). Continue reading Using IE to Connect to a Keberos Enabled Non-Default Port SharePoint Site