microsoft · jimmystridh · Jan 29, 2026 · Jan 30, 2026 · Jan 31, 2026 · Feb 3, 2026
diff --git a/cmd/sqlcmd/sqlcmd.go b/cmd/sqlcmd/sqlcmd.go
@@ -82,6 +82,7 @@ type SQLCmdArguments struct {
 	ChangePassword              string
 	ChangePasswordAndExit       string
 	TraceFile                   string
+	ServerNameOverride          string
 	// Keep Help at the end of the list
 	Help bool
 }
@@ -411,6 +412,7 @@ func setFlags(rootCmd *cobra.Command, args *SQLCmdArguments) {
 	rootCmd.Flags().StringVarP(&args.InitialQuery, "initial-query", "q", "", localizer.Sprintf("Executes a query when sqlcmd starts, but does not exit sqlcmd when the query has finished running. Multiple-semicolon-delimited queries can be executed"))
 	rootCmd.Flags().StringVarP(&args.Query, "query", "Q", "", localizer.Sprintf("Executes a query when sqlcmd starts and then immediately exits sqlcmd. Multiple-semicolon-delimited queries can be executed"))
 	rootCmd.Flags().StringVarP(&args.Server, "server", "S", "", localizer.Sprintf("%s Specifies the instance of SQL Server to which to connect. It sets the sqlcmd scripting variable %s.", localizer.ConnStrPattern, localizer.ServerEnvVar))
+	rootCmd.Flags().StringVar(&args.ServerNameOverride, "server-name", "", localizer.Sprintf("Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server."))
 	_ = rootCmd.Flags().IntP(disableCmdAndWarn, "X", 0, localizer.Sprintf("%s Disables commands that might compromise system security. Passing 1 tells sqlcmd to exit when disabled commands are run.", "-X[1]"))
 	rootCmd.Flags().StringVar(&args.AuthenticationMethod, "authentication-method", "", localizer.Sprintf(
 		"Specifies the SQL authentication method to use to connect to Azure SQL Database. One of: %s",
@@ -738,6 +740,7 @@ func setConnect(connect *sqlcmd.ConnectSettings, args *SQLCmdArguments, vars *sq
 	}
 	connect.HostNameInCertificate = args.HostNameInCertificate
 	connect.ServerCertificate = args.ServerCertificate
+	connect.ServerNameOverride = args.ServerNameOverride
 	connect.PacketSize = args.PacketSize
 	connect.WorkstationName = args.WorkstationName
 	connect.LogLevel = args.DriverLoggingLevel

diff --git a/internal/translations/catalog.go b/internal/translations/catalog.go
diff --git a/internal/translations/locales/de-DE/out.gotext.json b/internal/translations/locales/de-DE/out.gotext.json
@@ -2672,6 +2672,11 @@
             ],
             "fuzzy": true
         },
+        {
+            "id": "Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server.",
+            "message": "Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server.",
+            "translation": ""
+        },
         {
             "id": "{_X1} Disables commands that might compromise system security. Passing 1 tells sqlcmd to exit when disabled commands are run.",
             "message": "{_X1} Disables commands that might compromise system security. Passing 1 tells sqlcmd to exit when disabled commands are run.",
@@ -3671,6 +3676,11 @@
             ],
             "fuzzy": true
         },
+        {
+            "id": "Server name override is not supported with the current authentication method",
+            "message": "Server name override is not supported with the current authentication method",
+            "translation": ""
+        },
         {
             "id": "Password:",
             "message": "Password:",

diff --git a/internal/translations/locales/en-US/out.gotext.json b/internal/translations/locales/en-US/out.gotext.json
@@ -2674,6 +2674,13 @@
             ],
             "fuzzy": true
         },
+        {
+            "id": "Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server.",
+            "message": "Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server.",
+            "translation": "Specifies the server name to use for authentication when tunneling through a proxy. Use with -S to specify the dial address separately from the server name sent to SQL Server.",
+            "translatorComment": "Copied from source.",
+            "fuzzy": true
+        },
         {
             "id": "{_X1} Disables commands that might compromise system security. Passing 1 tells sqlcmd to exit when disabled commands are run.",
             "message": "{_X1} Disables commands that might compromise system security. Passing 1 tells sqlcmd to exit when disabled commands are run.",
@@ -3675,6 +3682,13 @@
             ],
             "fuzzy": true
         },
+        {
+            "id": "Server name override is not supported with the current authentication method",
+            "message": "Server name override is not supported with the current authentication method",
+            "translation": "Server name override is not supported with the current authentication method",
+            "translatorComment": "Copied from source.",
+            "fuzzy": true
+        },
         {
             "id": "Password:",
             "message": "Password:",