SQL Server – Communication between DB servers outside Active Directory

Tags: active-directory, linked-server, mirroring, sql server, windows

Dear SQL Server / Windows PROs:

I am trying to set up a solution here (based on SQL Server 2012 Std + Windows Server 2012 R2).
Currently the setup is based on a cluster (two servers, 1 SAN) and a standalone server.
They are all under one single domain, so I have no problem getting them to talk to each other. Because of a business decision, I was asked to set up another two servers outside that domain.
One is a mirroring / log shipping recipient; the other one has to communicate with the cluster to keep several objects in sync (a few tiny tables, total under 10 MB) and send some data back (here it will be more data, but we can accept longer delays).

Whatever I try, I hit a wall when setting up authentication, as being outside the same Active Directory is just killing the whole concept.
Can you point me in a direction for how I can get past it? It doesn't have to be detailed; I will do my homework. Thanks!

Best Answer

Because the machines are on different domains, you cannot use Windows/Integrated authentication. For mirroring, you can use certificates instead. The place to start is here:

https://docs.microsoft.com/en-us/sql/database-engine/database-mirroring/setting-up-database-mirroring-sql-server

In that article, there is a specific section that links to the details of setting up certificates for outbound and inbound traffic.

https://docs.microsoft.com/en-us/sql/database-engine/database-mirroring/use-certificates-for-a-database-mirroring-endpoint-transact-sql
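
The certificate-based endpoint setup the answer points to, sketched as an added T-SQL example that is not part of the original answer. The host names (HOST_A, HOST_B), port 7024, file paths, expiry date and passwords are assumptions and placeholders; the same script runs on the partner with the names swapped.

```sql
-- Run on HOST_A (hypothetical name); run the mirror image on HOST_B.
USE master;

-- Outbound side: the master key protects the certificate's private key.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder: strong password>';

-- Certificate that identifies HOST_A to its partner. Set the expiry
-- explicitly; the default is one year after the start date.
CREATE CERTIFICATE HOST_A_cert
    WITH SUBJECT = 'HOST_A certificate for database mirroring',
         EXPIRY_DATE = '2030-12-31';   -- constructed sample date

-- Endpoint authenticates with the certificate instead of Windows auth
-- and refuses unencrypted sessions.
CREATE ENDPOINT Endpoint_Mirroring
    STATE = STARTED
    AS TCP (LISTENER_PORT = 7024, LISTENER_IP = ALL)
    FOR DATABASE_MIRRORING (
        AUTHENTICATION = CERTIFICATE HOST_A_cert,
        ENCRYPTION = REQUIRED ALGORITHM AES,
        ROLE = PARTNER
    );

-- Export the public certificate only (no WITH PRIVATE KEY clause), then
-- copy the .cer file to HOST_B over a trusted channel.
BACKUP CERTIFICATE HOST_A_cert TO FILE = 'C:\certs\HOST_A_cert.cer';

-- Inbound side: map HOST_B's public certificate to a dedicated login
-- whose only permission is CONNECT on the mirroring endpoint.
CREATE LOGIN HOST_B_login WITH PASSWORD = '<placeholder: strong password>';
CREATE USER HOST_B_user FOR LOGIN HOST_B_login;
CREATE CERTIFICATE HOST_B_cert
    AUTHORIZATION HOST_B_user
    FROM FILE = 'C:\certs\HOST_B_cert.cer';
GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO [HOST_B_login];

-- Check: endpoint is started, uses certificate auth, and encrypts.
SELECT name, state_desc, role_desc,
       connection_auth_desc, encryption_algorithm_desc
FROM sys.database_mirroring_endpoints;
```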