Solved

Granting access to xp_cmdshell

Posted on 2013-11-09
2
231 Views
Last Modified: 2013-11-14
I already know the cons of allowing access to xp_cmdshell but it currently can't be avoided.  That said, would it be better to set my SQL User as a SysAdmin or setup and use the xp_cmdshell_proxy_account?

Thanks
0
Comment
Question by:cat4larry
2 Comments
 
LVL 44

Accepted Solution

by:
Rainer Jeschor earned 500 total points
ID: 39636925
Hi,
imho I would use the proxy account. This enables you at least to restrict your SQL user permissions as normally this one should not have sysadmin privs (but it would depend on your specific situation).
Just my 2ct
Rainer
0
 
LVL 26

Expert Comment

by:Zberteoc
ID: 39637065
A sysadmin account has the rights to use xp_cmdshell if enabled. If is not enabled a sysadmin can enable it with:

-- To allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1
GO
-- To update the currently configured value for advanced options.
RECONFIGURE
GO
-- To enable the feature.
EXEC sp_configure 'xp_cmdshell', 1
GO
-- To update the currently configured value for this feature.
RECONFIGURE
GO

Open in new window

There are no cons really as long as only the sysadmin can use it, as it is actually designed for. A DBA, sysadmin, should have anyway right to do things on the server unless the policy of the company is to not allow at all OS rights for the DBAs, in which case they are not allowed to use it not that they couldn't.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

In this article—a derivative of my DaytaBase.org blog post (http://daytabase.org/2011/06/18/what-week-is-it/)—I will explore a few different perspectives on which week today's date falls within using Microsoft SQL Server. First, to frame this stu…
Introduction SQL Server Integration Services can read XML files, that’s known by every BI developer.  (If you didn’t, don’t worry, I’m aiming this article at newcomers as well.) But how far can you go?  When does the XML Source component become …
Via a live example, show how to extract information from SQL Server on Database, Connection and Server properties
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now