Solved

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?

Posted on 2010-11-11
8
408 Views
Last Modified: 2012-05-10
Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?
0
Comment
Question by:Mr_Shaw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 16

Accepted Solution

by:
EvilPostIt earned 500 total points
ID: 34113250
Assign your user the SQLAgentUserRole role in MSDB the will then be able to start and stop jobs
that are owned by his login. This will ensure that they cannot execute anything but jobs that are owned by them which would circumvent security issues.
0
 

Author Comment

by:Mr_Shaw
ID: 34113455
That works really well....

From a dba perspective do you think they would be happy with this setup?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113461
Im a DBA so yes.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113468
Sorry that sounded quite blunt. Appologies for that.
0
 

Author Comment

by:Mr_Shaw
ID: 34113542
no problem... i'm just am SQL idot!!!
0
 

Author Closing Comment

by:Mr_Shaw
ID: 34113548
thanks
0
 

Author Comment

by:Mr_Shaw
ID: 34113748
I just read on http://msdn.microsoft.com/en-us/library/ms188283.aspx

The SQLAgentReaderRole and the SQLAgentOperatorRole are automatically members of the SQLAgentUserRole.

Should I deny permission on SQLAgentReaderRole and the SQLAgentOperatorRole as well?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113780
See what the DBA's say. If they arent bothered about then dont worry.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
It is possible to export the data of a SQL Table in SSMS and generate INSERT statements. It's neatly tucked away in the generate scripts option of a database.
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question