I have created a job with specifying the owner as <SomeSQLLogin>.
Later I have changed the password of that login.
Do Impact of change of password will affect excution of job?
I have tried it 2-3 times but job is executing successfully.
But I am not fully convinced whether change of password affect the job execu
tion or not.
Can some give greater detail on this?
One more issue:
When executing the job I tried to capture login logout event in profiler. I
find that:
Login Event occurs under login name of Agent Service account.
Logout Event occurs for login name of owner of the job.
In between SQL Server somehow chaged the logged in user. I don't know how?
Please clear this issue also.
Thanks in advance
PushkarHi
This is from BOL regarding sp_start_job, that the owner is not who the
account under which the job is executed, but will restrict who can run the
job.
"Permissions
Execute permissions default to the public role in the msdb database. A user
who can execute this procedure and is a member of the sy
min fixed role can
start any job. A user who is not a member of the sy
min role can usesp_start_job to start only the jobs he/she owns.
When sp_start_job is invoked by a user who is a member of the sy
min fixedserver role, sp_start_job will be executed under the security context in
which the SQL Server service is running. When the user is not a member of th
e
sy
min fixed server role, sp_start_job will impersonate the SQL ServerAgent proxy account, which is specified using xp_sqlagent_proxy_account. If
the proxy account is not available, sp_start_job will fail. This is only tru
e
for Microsoft? Windows NT? 4.0 and Windows 2000. On Windows 9.x, there is
no
impersonation and sp_start_job is always executed under the security context
of the Windows 9.x user who started SQL Server."
John
"Pushkar" wrote:
> Hi,
> I have created a job with specifying the owner as <SomeSQLLogin>.
> Later I have changed the password of that login.
> Do Impact of change of password will affect excution of job?
> I have tried it 2-3 times but job is executing successfully.
> But I am not fully convinced whether change of password affect the job exe
cution or not.
> Can some give greater detail on this?
> One more issue:
> When executing the job I tried to capture login logout event in profiler.
I find that:
> Login Event occurs under login name of Agent Service account.
> Logout Event occurs for login name of owner of the job.
> In between SQL Server somehow chaged the logged in user. I don't know how?
> Please clear this issue also.
> Thanks in advance
> Pushkar
>|||Hi,
I have not specified any account to be used as proxy account.
I have verified this by executing xp_sqlagent_proxy_account N'GET' and it
returns null.
But still job is running successfully.
I am not accessing any external resource through this job, then it does the
impersonation?
Is SQL Server is using 'sp_setuserbylogin' to change the logged on user from
Agent Service account to owner of the job.
Please clear my doubts.
Thanks
Pushkar
"John Bell" <jbellnewsposts@.hotmail.com> wrote in message
news:A43E89C0-DE85-44D0-BBF9-867F5D822A38@.microsoft.com...
> Hi
> This is from BOL regarding sp_start_job, that the owner is not who the
> account under which the job is executed, but will restrict who can run the
> job.
> "Permissions
> Execute permissions default to the public role in the msdb database. A
> user
> who can execute this procedure and is a member of the sy
min fixed role> can
> start any job. A user who is not a member of the sy
min role can use> sp_start_job to start only the jobs he/she owns.
> When sp_start_job is invoked by a user who is a member of the sy
min> fixed
> server role, sp_start_job will be executed under the security context in
> which the SQL Server service is running. When the user is not a member of
> the
> sy
min fixed server role, sp_start_job will impersonate the SQL Server> Agent proxy account, which is specified using xp_sqlagent_proxy_account.
> If
> the proxy account is not available, sp_start_job will fail. This is only
> true
> for Microsoft Windows NT 4.0 and Windows 2000. On Windows 9.x, there is
> no
> impersonation and sp_start_job is always executed under the security
> context
> of the Windows 9.x user who started SQL Server."
> John
>
> "Pushkar" wrote:
>
No comments:
Post a Comment