Solved

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?

Posted on 2010-11-11
8
361 Views
Last Modified: 2012-05-10
Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?
0
Comment
Question by:Mr_Shaw
  • 4
  • 4
8 Comments
 
LVL 16

Accepted Solution

by:
EvilPostIt earned 500 total points
ID: 34113250
Assign your user the SQLAgentUserRole role in MSDB the will then be able to start and stop jobs
that are owned by his login. This will ensure that they cannot execute anything but jobs that are owned by them which would circumvent security issues.
0
 

Author Comment

by:Mr_Shaw
ID: 34113455
That works really well....

From a dba perspective do you think they would be happy with this setup?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113461
Im a DBA so yes.
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113468
Sorry that sounded quite blunt. Appologies for that.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:Mr_Shaw
ID: 34113542
no problem... i'm just am SQL idot!!!
0
 

Author Closing Comment

by:Mr_Shaw
ID: 34113548
thanks
0
 

Author Comment

by:Mr_Shaw
ID: 34113748
I just read on http://msdn.microsoft.com/en-us/library/ms188283.aspx

The SQLAgentReaderRole and the SQLAgentOperatorRole are automatically members of the SQLAgentUserRole.

Should I deny permission on SQLAgentReaderRole and the SQLAgentOperatorRole as well?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113780
See what the DBA's say. If they arent bothered about then dont worry.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

In this article I will describe the Detach & Attach method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now