Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 468
  • Last Modified:

permissions to run package in job

the package run fine, when did manually.. when put in a sql job, it fails for permissions sake.

it is run from server1, and in one task, the connection manager is for server 2 - that is where it is failing. but the server #1's service account is local admin in server2. won't that be enough? what other permissions would it need?

thanks
0
anushahanna
Asked:
anushahanna
  • 6
  • 4
  • 3
  • +1
7 Solutions
 
mordiCommented:
Hi,
Save copy of the package in database server not in the file system and chose package protection level: Rely on server storage and roles...
Then change the job step to run that saved copy of the package from its database server location.
0
 
Reza RadCommented:
are you sure that this is permission issue?
Did you deployed package correctly?
if you aren't sure, follow this tutorial on how to deploy and run package under sql server job:
http://www.protalk.in/sql-server/steps-to-create-and-deploy-ssis-package-as-a-sqlagent-job/

Tell us If your problem still exists.
0
 
anushahannaAuthor Commented:
mordi, i saved it in msdb in Integration Services.

is package protection level a property- where do i change it?

0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
anushahannaAuthor Commented:
reza_rad, the error is
Message
Executed as user: SRBSV\POST04. Microsoft (R) SQL Server Execute Package Utility  Version 10.0.4000.0 for 64-bit  Copyright (C) Microsoft Corp 1984-2005. All rights reserved.    Started:  1:13:24 PM  Error: 2011-03-01 13:24:49.82     Code: 0xC0202009     Source: TRACKER Connection manager "POSS0041.master"     Description: SSIS Error Code DTS_E_OLEDBERROR.  An OLE DB error has occurred. Error code: 0x80040E4D.  An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 10.0"  Hresult: 0x80040E4D  Description: "Login failed for user 'SRBSV\POST04'.".  End Error  Error: 2011-03-01 13:24:49.87     Code: 0xC00291EC     Source: Restore TRACKER on POSS0041 Execute SQL Task     Description: Failed to acquire connection "POSS0041.master". Connection may not be configured correctly or you may not have the right permissions on this connection.  End Error  DTExec: The package execution returned DTSER_FAILURE (1).  Started:  1:13:24 PM  Finished: 1:24:49 PM  Elapsed:  685.733 seconds.  The package execution failed.  The step failed.
0
 
Reza RadCommented:
did you tried the link I suggested?
0
 
mordiCommented:
When saving the package using menu "Save a copy of ..." you choose sql server in package location and you click the button next to the protection level field and select the option Rely on server ...
0
 
dba2dbaCommented:
You mentioned that the account is a local admin on server 2, is is also sql server admin?

Also, If you have SA permissions on both the servers, it is worth trying to execute the package using a proxy account, if the package is successful, it can be narrowed down to permissions issue. Below is the link to setup using proxy acct:

http://www.mssqltips.com/tip.asp?tip=2163

Thanks,
0
 
anushahannaAuthor Commented:
reza_rad, how i have it now is consistent with what the article shows except:
Is EncryptSensitiveWithUserKey OK, if the package is working on this server, and we intend to keep it only in this server?

is that vital for success?
0
 
anushahannaAuthor Commented:
mordi, how is the "rely on server..." method fool proof for the permissions issue?
0
 
anushahannaAuthor Commented:
dba2dba, it is only a OS admin (actually service account), not SQL SA..
0
 
Reza RadCommented:
you should check the sql server configuration , and see that sql server agent service runs under which account?
when you work with EncryptSensitiveWithUserKey only the user which developed package can run this package, because all sensitive data like connection string password will remove under other accounts.

0
 
mordiCommented:
Concerning the  package protection level: "Rely on Server storage and roles for access control" , the packages are protected by database roles for example:
db_dtsadmin (with full administrative privileges to all SSIS packages stored in SQL Server), db_dtsoperator (permitted to view, enumerate, launch directly or schedule for execution, and export all SSIS packages - but not import, or delete them), and db_dtsltduser (which members are able to manage packages that they own by virtue of importing them into msdb database or to which they have been explicitly granted permissions).
0
 
anushahannaAuthor Commented:
your ideas helped- it was not a permissions issue as you mentioned..

thanks for sharing an very pertinent solution..
0
 
mordiCommented:
So what was the problem and solution?
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 6
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now