• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 435
  • Last Modified:

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?
0
Mr_Shaw
Asked:
Mr_Shaw
  • 4
  • 4
1 Solution
 
EvilPostItCommented:
Assign your user the SQLAgentUserRole role in MSDB the will then be able to start and stop jobs
that are owned by his login. This will ensure that they cannot execute anything but jobs that are owned by them which would circumvent security issues.
0
 
Mr_ShawAuthor Commented:
That works really well....

From a dba perspective do you think they would be happy with this setup?
0
 
EvilPostItCommented:
Im a DBA so yes.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
EvilPostItCommented:
Sorry that sounded quite blunt. Appologies for that.
0
 
Mr_ShawAuthor Commented:
no problem... i'm just am SQL idot!!!
0
 
Mr_ShawAuthor Commented:
thanks
0
 
Mr_ShawAuthor Commented:
I just read on http://msdn.microsoft.com/en-us/library/ms188283.aspx

The SQLAgentReaderRole and the SQLAgentOperatorRole are automatically members of the SQLAgentUserRole.

Should I deny permission on SQLAgentReaderRole and the SQLAgentOperatorRole as well?
0
 
EvilPostItCommented:
See what the DBA's say. If they arent bothered about then dont worry.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now