Solved

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?

Posted on 2010-11-11
8
387 Views
Last Modified: 2012-05-10
Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?
0
Comment
Question by:Mr_Shaw
  • 4
  • 4
8 Comments
 
LVL 16

Accepted Solution

by:
EvilPostIt earned 500 total points
ID: 34113250
Assign your user the SQLAgentUserRole role in MSDB the will then be able to start and stop jobs
that are owned by his login. This will ensure that they cannot execute anything but jobs that are owned by them which would circumvent security issues.
0
 

Author Comment

by:Mr_Shaw
ID: 34113455
That works really well....

From a dba perspective do you think they would be happy with this setup?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113461
Im a DBA so yes.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113468
Sorry that sounded quite blunt. Appologies for that.
0
 

Author Comment

by:Mr_Shaw
ID: 34113542
no problem... i'm just am SQL idot!!!
0
 

Author Closing Comment

by:Mr_Shaw
ID: 34113548
thanks
0
 

Author Comment

by:Mr_Shaw
ID: 34113748
I just read on http://msdn.microsoft.com/en-us/library/ms188283.aspx

The SQLAgentReaderRole and the SQLAgentOperatorRole are automatically members of the SQLAgentUserRole.

Should I deny permission on SQLAgentReaderRole and the SQLAgentOperatorRole as well?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113780
See what the DBA's say. If they arent bothered about then dont worry.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have a large data set and a SSIS package. How can I load this file in multi threading?
In this article we will learn how to fix  “Cannot install SQL Server 2014 Service Pack 2: Unable to install windows installer msi file” error ?
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question