After applying the Cummulative Hotfix installation
(Q316333) clients can no longer connect remotely via TCP/IP
SQL2000 SP2 on Windows 2000 SP2
SQL Service runs under a domain account that is a member
of the local administrators group on the server.
Connection via TCP/IP results in the following error
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
However if I change the startup account of the SQL Service
to Local System, connections authenticate just fine. Also
if I set up a named pipes alias for the server I can
connect fine. So it seems to be that when the SQl Service
is running under a domain account and a client tries to
connect via TCP/IP and NT Authentication it fails. From a
Terminal Services session on the server itself I am able
to log in via NT authentication because its using the
local pipe/shared memory so this problem seems to be
limited to TCP/IP connections trying to use NT
Authentication , SQL Authentication is fine.
Anyone shed some light on this - I am thinking of
reinstalling MDAC as a first step. I have actually backed
out of the patch but I can find no instructions for
undoing the registry changes made by servpriv.exe which I
suspect is part of the problem. Other servers I have
applied this patch to are all fine - no problems