Solved

Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?

Posted on 2010-11-11
8
401 Views
Last Modified: 2012-05-10
Are there any security risks adding user to MSDB database and giving them permissions to execute agent jobs?
0
Comment
Question by:Mr_Shaw
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 16

Accepted Solution

by:
EvilPostIt earned 500 total points
ID: 34113250
Assign your user the SQLAgentUserRole role in MSDB the will then be able to start and stop jobs
that are owned by his login. This will ensure that they cannot execute anything but jobs that are owned by them which would circumvent security issues.
0
 

Author Comment

by:Mr_Shaw
ID: 34113455
That works really well....

From a dba perspective do you think they would be happy with this setup?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113461
Im a DBA so yes.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113468
Sorry that sounded quite blunt. Appologies for that.
0
 

Author Comment

by:Mr_Shaw
ID: 34113542
no problem... i'm just am SQL idot!!!
0
 

Author Closing Comment

by:Mr_Shaw
ID: 34113548
thanks
0
 

Author Comment

by:Mr_Shaw
ID: 34113748
I just read on http://msdn.microsoft.com/en-us/library/ms188283.aspx

The SQLAgentReaderRole and the SQLAgentOperatorRole are automatically members of the SQLAgentUserRole.

Should I deny permission on SQLAgentReaderRole and the SQLAgentOperatorRole as well?
0
 
LVL 16

Expert Comment

by:EvilPostIt
ID: 34113780
See what the DBA's say. If they arent bothered about then dont worry.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to leverage one TLS certificate to encrypt Microsoft SQL traffic and Remote Desktop Services, versus creating multiple tickets for the same server.
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question