SSIS Packages & SSSMS Jobs Security

  • Hi All,

    On my local XP machine logged on with non admin windows account. I have created an whole bunch dtsx packages in BIDS 2005 to upload data to a FTP folder. I then created some jobs in SSMS 2005 to run these packages\jobs every morning. I found that the SQL server agent account didn't have the correct permissions to run them.

    I then created a SQL proxy account linked to a credential account that stored my local windows account details and the jobs run fine.

    So my question is what do I do when I move the packages to the live server. The credential should still find my windows account through AD, but what happens if my password expires\changed or my account is disabled(when my contract finished in a few weeks).

    I have tried changing the protection level to 'dontsavesenstive' but this doesn't give the SQL server agent account access.

    There's got to be a better way for long term running?

    Thanks

  • ringovski (8/15/2011)


    So my question is what do I do when I move the packages to the live server.

    You need to explicitly create the Credential on the prod instance, and link it to a Windows User that has the necessary permissions to do the work in the Agent job steps.

    The credential should still find my windows account through AD, but what happens if my password expires\changed or my account is disabled(when my contract finished in a few weeks).

    Ask for a service account to be created, use that in the Credential instead of your account and make sure the folks in charge of periodically changing service account passwords are aware of its existence.

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply