Need some permissions issuses fixed

Environ is Server 2008 windows domain.  SQL 2008 servers.

Some of my users need to edit the content of jobs that they do not own.  So, they need to edit jobs owned by someone else.  I would like to grant them permissions to do so, but I'm not sure of the best way to do this.  

We use Windows authentication so I'd like to use a domain account or group.  The odd thing is, we want to move people in and out of this group as needed and not leave them in there all the time.

Should I build an AD group, drop it into local workstation admins group and then delegate a couple of admins rights to add/remove people from that group?

Thoughts on best way to accomplish this?

Thanks

Cliff
crp0499CEOAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NVITEnd-user supportCommented:
Hopefully the files are in a certain folder on a file server. Then, you can apply the perms to the folder.

Making an AD group is good. Then, add the group to the folder, giving them needed rights.

FYI: Each time you add/move users to the group, they must logoff then logon for the perms to effect.
0
crp0499CEOAuthor Commented:
These aren't files and folders I don't think.  These are SQL jobs in SQL that are owned by other users and no owner users need to edit the jobs so we give then temp SA rights.  We are doing it manually now and want to use AD to create a Role and then maybe put the users into a group and then add and remove the group from the role as needed.
0
Vitor MontalvãoMSSQL Senior EngineerCommented:
Jobs are stored in msdb database so you don't need to give sa rights to the users.
All the roles you need are in msdb:
SQLAgentUserRole
SQLAgentReaderRole
SQLAgentOperatorRole
But for what you told I think they'll only need to have the SQLAgentUserRole.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.