I have a ssis package deployed to ssis catalog in ServerA. It is configured to be run via sql agent job step.
The job step is set to Run As proxy user that is pointing to a domain user credential. Example: domainname\user1
Effectievly the ssis package is getting run in context of the above user.
The ssis package access a file on shared drive located on ServerB and dumps the data into a sql table on ServerC.
The sql table on ServerC is access via linked server configured on ServerA using the same windows account and impersonate is check marked. Delegation is not configured.
There is an error when dumping data to sql table via linked server since I have not configured delegation. My question is that – why does linked server need delegation for Windows domain user where as accessing a shared network file using the same account doesn't need any delegation?
Best Answer
This happens as the ssis is not involved in a two hops windows authentication process. As you said you use a proxy so you impersonate an account that is used directly against the CIFS share.
Instead with a linked server you are doing a two hops windows authentication:
To avoid two hops in ssis, don't use linked server. Instead use a direct connection string.