Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

How to: Allow Service Broker Network Access by Using Windows Authentication (Transact-SQL)

To allow another instance to send messages using Windows Authentication for transport security, you create a user in the master database for the startup service account for the other instance.

To permit Service Broker access using Windows Authentication

  1. Create a login for the startup service account for the other instance.

  2. Grant that user CONNECT permission to the Service Broker endpoint.

Once access is configured in each instance, then communications between the two instances use Service Broker transport security when the transport security configuration option is set in both databases.


If both instances run as the same domain account, then the instances can always communicate using Windows Authentication for transport security. If the instances run as the LocalSystem account, the login name is MachineName$, and Kerberos must be available on the network to use the machine account.

USE master ;


GRANT CONNECT ON ENDPOINT::ThisInstanceEndpoint to [DOMAIN\user] ;
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft