user not able to run jobs
-
I have a developer who I want to be able to create and run jobs on a test server. He has db_owner on his own database, and even db_owner on msdb. He can view and edit the jobs, but he isn't able to run them. He is not the owner of the job; I have a separate SQL login with sa privileges to run jobs.
Even when I specifically grant this user EXEC permissions on sp_start_job, he gets denied. Ideas??
-
only sa can run jobs he/she does not own.
you might consider a workaround using alerts which launch the wanted job.
Johan
Learn to play, play to learn !Dont drive faster than your guardian angel can fly ...
but keeping both feet on the ground wont get you anywhere :w00t:- How to post Performance Problems
- How to post data/code to get the best help[/url]- How to prevent a sore throat after hours of presenting ppt
press F1 for solution, press shift+F1 for urgent solution 😀
Need a bit of Powershell? How about this
Who am I ? Sometimes this is me but most of the time this is me
-
Why not create a workjob sproc that does the same thing as the job. Take the step code and put it into a sproc then this person should be able to run it any time they wish. After all if the code is the same then it shouldn't make any difference and your security rules will remain intact. You could even create an interface for it so that running it becomes perposeful.
I am assuming that it is a cursor job or some kind of a batch process. After all this is a test server; but you don't want to set permissions and then export it to the production server by accident.
Pam
Pamela Reinskou -
Thanks folks - what I didn't know (and just learned yesterday) is that only sa can run jobs they don't own. Hard to know sometimes what the ordinary users aren't able to do
-
Jeff, if you still like your users execute som jobs, add them into the role TargetServersRole in msdb database.
This role permits the users into it to execute, see the jobs, etc.
Review the permissions for this role and add the ones you like.
Sharon.
-
so, as it turns out, TargetServersRole not only allows the user to see all jobs, but also specifically denies them pretty much anything else they'd want to do with them. I had to alter the role to allow it access to sp_add_jobs, sp_startjob, etc. Fixed now though - thanks for the help folks!!
Jeff
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply