In the following example, note that there are several arguments used with the sp_addlinkedserver System Stored Procedure: For Windows-authenticated logins, the self-mapping is sufficient to access the directory with SQL Server Security Delegation.Because the self-mapping is created by default for linked servers created through sp_addlinkedserver, no other login mapping is necessary.For SQL Server–authenticated logins, you can configure suitable logins and passwords for connecting to the directory service by using the sp_addlinkedsrvlogin System Stored Procedure.If you prefer to use a SQL Server–authenticated login rather than Windows Authentication, add a login to the linked server (see the previous section).If you are not familiar with SSO, read our introduction to SSO.The following diagram shows how a simple SSO system can work using LDAP.
In the next post, we will take a look at the Active Directory specific Principal Context API. LDAP is a protocol that defines a series of operations through which you can access information that is part of a directory.
Even though most of the time it is used as a user directory, LDAP can also work as a generic information sharing service.
One common use of LDAP is as part of single-sign-on (SSO) systems.
To do this, use the sp_addlinkedsrvlogin System Stored Procedure.
In the following example, there are several arguments that are used with the sp_addlinkedsrvlogin System Stored Procedure: After you have created a linked server, use an OPENQUERY statement to send a query to the Directory Service.