Monday, February 20, 2012

Linked Server

I posted this in another forum and got no response, so I'll try here:
I’ve got two servers, say ServerA and ServerB, that are Windows 2000 Adv'd
Server SP4 & SQL Server 2000 SP4. We are going to have to go to a tighter
security environment where each user has their own login for auditing
purposes. What would be ideal from manageability is for each user to have
their Windows login mapped into a Domain level group, call it domain\groupa.
This works except for one thing: I cannot get the linked servers to work.
Actually, I can get a painful version of it to work: I can map a windows
login to both servers, and then run the following on ServerA:
sp_addlinkedsrvlogin 'serverb', 'false', 'domaina\winlogina', 'sa',
'sapasswordforserverb'
This works but defeats the whole purpose of using the groups! So then I try
the following so I can use the domain level group acct:
EXEC sp_addlinkedsrvlogin 'serverb', 'false', 'domaina\groupa', 'sa',
'sapasswordforserverb'
The command succeeds and shows up in the linked server properties security
tab. But when I run a query
select * from serverb.admindatabase.dbo.smalltable
from servera through the linked server it fails with the following:
“Server: Msg 18456, Level 14, State 1, Line 1
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'”
Why does this fail? It's important to note that the domaina\groupa group
account is mapped into both servers as system administrator and it is a
domain level account! Why can I get this to work with a regular windows
account that is NOT domain level but not with an administrative domain
account?
If I can’t get this to work, it’s going to create a big administrative
headache for me… And, btw, my goal is not to use a domain level
administrative account with regular logins - I'm just trying to get this
to work.

Try here:
http://support.microsoft.com/kb/925001
"CLM" wrote:

> I posted this in another forum and got no response, so I'll try here:
> I’ve got two servers, say ServerA and ServerB, that are Windows 2000 Adv'd
> Server SP4 & SQL Server 2000 SP4. We are going to have to go to a tighter
> security environment where each user has their own login for auditing
> purposes. What would be ideal from manageability is for each user to have
> their Windows login mapped into a Domain level group, call it domain\groupa.
> This works except for one thing: I cannot get the linked servers to work.
> Actually, I can get a painful version of it to work: I can map a windows
> login to both servers, and then run the following on ServerA:
> sp_addlinkedsrvlogin 'serverb', 'false', 'domaina\winlogina', 'sa',
> 'sapasswordforserverb'
> This works but defeats the whole purpose of using the groups! So then I try
> the following so I can use the domain level group acct:
> EXEC sp_addlinkedsrvlogin 'serverb', 'false', 'domaina\groupa', 'sa',
> 'sapasswordforserverb'
> The command succeeds and shows up in the linked server properties security
> tab. But when I run a query
> select * from serverb.admindatabase.dbo.smalltable
> from servera through the linked server it fails with the following:
> “Server: Msg 18456, Level 14, State 1, Line 1
> Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'”
> Why does this fail? It's important to note that the domaina\groupa group
> account is mapped into both servers as system administrator and it is a
> domain level account! Why can I get this to work with a regular windows
> account that is NOT domain level but not with an administrative domain
> account?
> If I can’t get this to work, it’s going to create a big administrative
> headache for me… And, btw, my goal is not to use a domain level
> administrative account with regular logins - I'm just trying to get this
> to work.
>
