Post reply

SQL Agent Roles

  • February 7, 2012 at 10:57 am

    #1443986

    [RANT] Nothing wrong with the question or answer, but I do have a comment on Microsoft's implementation of SQL Agent security. In typical Microsoft way it's confusing by role name what the privilege is. I also think it's odd that most of the differences are based on who "owns" the job, but in a typical real world environment you wouldn't want a person's login principal to be the owner of anything in the database. People's duties tend to change too frequently for that to be practical, you often need one person to be able to cover for another's duties, and most SQL Agent jobs wouldn't be designed or built by an operator to begin with.[/RANT]

  • February 8, 2012 at 9:30 am

    #1444616

    Good opportunity to learn/review things I haven't needed to use very often (if ever!).

    Rob Schripsema
    Propack, Inc.

  • February 9, 2012 at 3:23 am

    #1444960

    Nice straightforward question and answer.

    Chris Harshman (2/7/2012)

    [RANT] Nothing wrong with the question or answer, but I do have a comment on Microsoft's implementation of SQL Agent security. In typical Microsoft way it's confusing by role name what the privilege is. I also think it's odd that most of the differences are based on who "owns" the job, but in a typical real world environment you wouldn't want a person's login principal to be the owner of anything in the database. People's duties tend to change too frequently for that to be practical, you often need one person to be able to cover for another's duties, and most SQL Agent jobs wouldn't be designed or built by an operator to begin with.[/RANT]

    Too true. But if you want security you have to be able to identify who did something, which means usernames which can do something have to be linked to people. In a high security environment that requirement for auditablility and traceability overrides the requirement to make it easy for people to change roles, and I guess MS want to be able to sell into high security environments.

    Tom

  • February 11, 2012 at 7:17 am

    #1445923

    Good question. Thanks for submitting.

    http://brittcluff.blogspot.com/

  • February 15, 2012 at 3:22 pm

    #1447581

    Thanks for the good question steve...

  • August 2, 2012 at 7:05 am

    #1520790

    Tx for the Q even if i got it wrong

    What you don't know won't hurt you but what you know will make you plan to know better

  • October 11, 2012 at 1:41 am

    #1547913

    How can we see the privileges assigned to a particular sql agent roles?

    _______________________________________________________________
    To get quick answer follow this link:
    http://www.sqlservercentral.com/articles/Best+Practices/61537/

Viewing 7 posts - 16 through 21 (of 21 total)

You must be logged in to reply to this topic. Login to reply