Local Service Account
-
Hi,
My SQL Server Service & Agent Service are running as Local Service Account. I have a job that needs to get a file from a remote shared folder, but i am getting access denied error on that folder.
So my question is, what account/user should i give permission to on that remote folder?
-
UT- (10/26/2009)
Hi,My SQL Server Service & Agent Service are running as Local Service Account. I have a job that needs to get a file from a remote shared folder, but i am getting access denied error on that folder.
So my question is, what account/user should i give permission to on that remote folder?
when SQL server tries to access anything outside of the SQL instance(xp_cmdshell, files/folders/, network shares, anything outside of it's own databases)
it uses it's own startup account to do it. it's THAT account that has to have permissions to browse to network services...most likely, right now it does not.
Go to Control Panel/Administrative Tools>>Services>> find the instance of SQL server you are referencing:
the account shown here most likely needs to be changes from local account to an admin account that would have permissions to login to your domain, and browse to shares.
if you change that to yourt own domain login and password, for example, you'd see it starts working the way you expect. I've always created a new network administrator called "SQLAdmin", with a known password, and used THAT account to run all the SQL services. Others may have better suggestions than mine, but that's what you need to change.[/quote]
Lowell
--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible! -
Thanks guys.
I know using Local Service Account is not a good idea but for now it was working fine and was able to connect to the remote location untill we changed some permissions on the remote table, but now we cannot figure out what permission and to which user should we assign.
So at this point i just want to know which user is bind with 'local service account' so that we can give him the permissions to make the job work.
-
AFAIK, since the local service account never logs into the network/domain, it could never get to a remote share; I thought that even if you open a shared folder up to the group "Everyone", , you still have to log in to the network to become part of the "Everyone" group; not much different than "Authenticated Users" group from that perspective...still means you logged into the network....
so I'm pretty sure you'll have to change the account being used to someone else.
Lowell
--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible! -
Lowell, thanks for your help.
We removed the access permissions from the shared folder and its working fine now with the 'Local System'.
You said it should not work with 'Local system' so I am sure there must be some gotcha which we donot understand yet.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply