Like a lot of companies that use Windows, my PC is connected to a domain and this is great when I’m connecting to the companies SQL Servers using Windows Credentials in SSMS because it “just works”™.
But sometimes I need to VPN to another domain and connect to SQL Servers on the other domain using Windows Credentials. SSMS doesn’t have an option for this so how do you do it?
Quite a few people have already blogged about this, however none of their methods worked for me going across domains. The problem is that my local computer can’t launch SSMS using remote credentials, because my PC doesn’t trust them.
When I thought all was lost I stumbled across an answer on dba.stackexchange by Aaron Bertrand. Basically you need to use the
runaa command with the
/netonly parameter. This will launch SSMS using your current credentials, but any network traffic will appear as if it’s coming from the specified user. On my PC I need to run the following from a command window, or from the run menu:
runas /netonly /user:RemoteDomainGreg.Dodd "C:Program Files (x86)Microsoft SQL Server130ToolsBinnManagementStudiossms.exe"
I could make this into a shortcut if I used it regularly. When I run this command I’m prompted to enter the password for the remote domain. Once I do that SSMS will be started:
You can see that the User name field is still disabled and still has my normal domain. If you look at Task Manager you can confirm that SSMS is running under my normal Doddsy domain credentials.
However, when I connect to the remote server, magic happens and SSMS connects to the remote server on the remote domain using the credentials of the remote domain!