Connecting to MSSQL Server Remote Management via Gateway, with Integrated Security
Connecting to MSSQL Server Remote Management via Gateway, with Integrated Security
I'm attempting to set up entries to connect to our MS SQL servers using the in-built entry type in RDM (verrsion 2025.3.39.0), going via our Devolutions Gateway (version 25.3.3).
Currently the setup is as follows:
- Entry is set up to use a Gateway Tunnel
- Entry has a hostname of 127.0.0.1 with the port that the tunnel is using
- Entry is configured with "Integrated security (Active Directory)" as the "Login mode"
- Credentials are set to "Inherited" (at the top level of the vault credentials are linked to a user's own AD username and password which are stored in their User Vault)
When I attempt to connect, the tunnel connects, but the SQL connection failed with "The target principal name is incorrect. Cannot generate SSPI context".
Our end-users are not logged onto their laptops with domain accounts.
Is the issue something to do with the double-hop that we're attempting? (I.e. from RDM to the Gateway, then from the Gateway to the SQL server?)
All Comments (3)
Hello,
Thank you for reaching out to us regarding this,
I have found the following knowledge base article from Microsoft directly regarding this specific error:
https://learn.microsoft.com/en-us/troubleshoot/sql/database-engine/connect/cannot-generate-sspi-context-error
Could you have a look and let me know if it helps in your case?
Best regards,
Samuel Dery
It looks like we have the same issue as discussed in MS SQL Server Remote Management Session Type not working as expected - so hopefully when that is sorted, we'll be good too.
Hello Stephen,
Thank you for your reply,
I see, good catch! Hopefully, that resolves your issue also.
If not, feel free to let me know and we can investigate further,
Best regards,
Samuel Dery