We have a domain, say OUR_DOMAIN. Within this I replication running happily
for several months from MYSQLSERVER . We now have another "trusted" domain
at a co-location, OTHERDOMAIN.
To see a machine from the other I need to use MYSQLSERVER.OUR_DOMAIN.
However, when I set up a pull replication from the OTHERDOMAIN machine, say
MYSQLSUB, the task fails trying to connect to MYSQLSERVER, even though I
refer to it as MYSQLSERVER.OUR_DOMAIN.
The Pull subscription is created properly, and I go to the job list and run
the job. The step is
-Publisher MYSQLSERVER-PublisherDB [PublishDB] -Publication
[MyPubName] -Distributor [MYSQLSERVER] -SubscriptionType 1 -Subscriber
[MYSQLSUB] -SubscriberSecurityMode 1 -SubscriberDB [MyDBName]
However it is unable to connect, The process could not connect to
Distributor 'MYSQLSERVER'.
If I change the job to be publisher MYSQLSERVER.OUR_DOMAIN then I get the
error "The process could not retrieve security information from the
Subscriber for Distributor 'MYSQLSERVER'. The step failed." Which suggests
adding the domain to the publisher worked. However if I add the domain to
the distributor
-Publisher MYSQLSERVER.OUR_DOMAIN-PublisherDB [PublishDB] -Publication
[MyPubName] -Distributor [MYSQLSERVER.OUR_DOMAIN] -SubscriptionType
1 -Subscriber [MYSQLSUB] -SubscriberSecurityMode 1 -SubscriberDB [MyDBName]
I get "The process could not retrieve security information from the
Subscriber for Distributor MYSQLSERVER.OUR_DOMAIN'. The step failed."
Both agents are running under administrator level accounts on their
respective domains, and the subscriber account is in the Publication Access
List.
Any help with naming conventions used here or any resources or pointers
would be greatly appreciated.
Cheers!
Simon
I prefer to use NetBIOS names to register the servers in EM. Then I hide the
FQDN or the IP address of the server using Client Network Utility. I then
use a single account in both domains with the same password to connect to
both server and I also use this account to run the SQL Server agent account
under.
So on OUR_Domain the account would be SimonCar and the password could be
Racnomis. On OtherDomain the account would be SimonCar and the password
could be Racnomis. Another option is to use local machine accounts with the
same name and password.
A third option is to use SQL Server authentication.
One final point is that a patch has changed the way agent security works.
You must now run the agents with the SA job owner.
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Simon" <simoncar@.NotThisBittotalise.co.uk> wrote in message
news:%23LmtjUb8FHA.3132@.TK2MSFTNGP12.phx.gbl...
> We have a domain, say OUR_DOMAIN. Within this I replication running
> happily for several months from MYSQLSERVER . We now have another
> "trusted" domain at a co-location, OTHERDOMAIN.
> To see a machine from the other I need to use MYSQLSERVER.OUR_DOMAIN.
> However, when I set up a pull replication from the OTHERDOMAIN machine,
> say MYSQLSUB, the task fails trying to connect to MYSQLSERVER, even
> though I refer to it as MYSQLSERVER.OUR_DOMAIN.
> The Pull subscription is created properly, and I go to the job list and
> run the job. The step is
> -Publisher MYSQLSERVER-PublisherDB [PublishDB] -Publication
> [MyPubName] -Distributor [MYSQLSERVER] -SubscriptionType 1 -Subscriber
> [MYSQLSUB] -SubscriberSecurityMode 1 -SubscriberDB [MyDBName]
> However it is unable to connect, The process could not connect to
> Distributor 'MYSQLSERVER'.
> If I change the job to be publisher MYSQLSERVER.OUR_DOMAIN then I get the
> error "The process could not retrieve security information from the
> Subscriber for Distributor 'MYSQLSERVER'. The step failed." Which
> suggests adding the domain to the publisher worked. However if I add the
> domain to the distributor
> -Publisher MYSQLSERVER.OUR_DOMAIN-PublisherDB [PublishDB] -Publication
> [MyPubName] -Distributor [MYSQLSERVER.OUR_DOMAIN] -SubscriptionType
> 1 -Subscriber [MYSQLSUB] -SubscriberSecurityMode 1 -SubscriberDB
> [MyDBName]
> I get "The process could not retrieve security information from the
> Subscriber for Distributor MYSQLSERVER.OUR_DOMAIN'. The step failed."
> Both agents are running under administrator level accounts on their
> respective domains, and the subscriber account is in the Publication
> Access List.
> Any help with naming conventions used here or any resources or pointers
> would be greatly appreciated.
> Cheers!
> Simon
>
>
|||Hilary Cotter wrote:
> I prefer to use NetBIOS names to register the servers in EM. Then I
> hide the FQDN or the IP address of the server using Client Network
> Utility. I then use a single account in both domains with the same
> password to connect to both server and I also use this account to run
> the SQL Server agent account under.
> So on OUR_Domain the account would be SimonCar and the password could
> be Racnomis. On OtherDomain the account would be SimonCar and the
> password could be Racnomis. Another option is to use local machine
> accounts with the same name and password.
> A third option is to use SQL Server authentication.
>
The network guy has now set it so I can use just <servername>. I have set
the ReplData to be a share and point to that from the subscriber (it has
permissions to this share). The <Otherservername> is in the list of
subscribers but SQL claims it isn't from <Otherservername> when I request a
Pull subscription, but if I allow anonymous I can get it replicating fine.
The only downside of that I am aware of is the retention of replicated
transactions if I allow anonymous?
The same user/password seems simple enough for me to appreciate!
Thanks for your help.
Cheers!
Simon
|||> The <Otherservername> is in the
> list of subscribers but SQL claims it isn't from <Otherservername>
> when I request a Pull subscription, but if I allow anonymous I can
> get it replicating fine. The only downside of that I am aware of is
> the retention of replicated transactions if I allow anonymous?
There is some connectivity/authentication issue still here becuause if I add
the subscriber to the publisher from a copy of EM on the subscriber it
works, if I add the subscriber to subscribers through EM from my machine or
the publisher it doesn't recognise it even though the same machine name is
used.
Friday, March 30, 2012
Replication to trusted domain - naming convention problem?
Labels:
convention,
database,
domain,
happilyfor,
microsoft,
mysql,
mysqlserver,
naming,
oracle,
our_domain,
replication,
running,
server,
sql,
trusted
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment