Post by Alois Stol » Thu, 03 Sep 1998 04:00:00

I have servers in different non-trusted domains,
but trusted connection (multiprotocol).
Replication works, if there are
  - local NT-Accounts with administrator-priviledges on the
  - with same User-id /password of distribution-Server-SQL-EXEC-account.

My Problems :  I don't want to have the same password everywhere
                           and how can i restrict the access with this
account only to "Replication"
                           (because this accout is mapped to <sa>)

What i have tried :

For the distribution task exist two parameters
   -U <login-id>  -P <password>
When i Use these parameters - they are ignored (!?)

I don't know exactly how distribution task works ???
    - NT Login with SQL-EXEC-Account on subsciber-Server
    - SQL-Serverlogin with mapped <sa>  ??
    - remotelogin-mapping on subscriberserver ??

I hope, someone knows the details

Alois Stoll
Oberste Baubeh?rde im Bayerischen Staatsministerium des Innern


Post by Alois Stol » Tue, 08 Sep 1998 04:00:00

As I got no answer, I think,  i didn't explain my problem very well.
I'll try once again  ...

If have about 20 Department-Servers (different NT-Domain, own
For one Application we have to do bi-dir-Replikation.

It works, if i tell all the local Administrators to create a local
with same NT-Account/Password used from SQL-Executive on Center-Server.
This account has to have <sa> permission.

Now all these local administrators are able to log on CenterServer with this
account and they are <sa> !.
The door is open ....

My Problem : How can i restrict Access only for Replication (distribution
task) ?
Replication-Task uses  <remoteserver>_<SQLExec-account> as login on
subscriver-server .

I want to have a solution e.g.  <repl_login> + xp_grantlogin rep_login
'repl', but i don't know how.

I tried to use the  -U <login-id>  -P <password> parameters, but didn't

I hope, someone can help me

Alois Stoll
Oberste Baubeh?rde im Bayerischen Staatsministerium des Innern


