What security to use

Question

What security to use

stargazer74

SSC Veteran

Points: 201
More actions
February 27, 2004 at 3:33 pm

#82231

What security would you give a windows group (created specifically for the developers) to be able to see that their scheduled jobs succeeded/failed in SQL Server, but not let them do anything else in the production database?
They don't want to use the notification option that's built into the job scheduling function so it would email them.
Jennifer

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply

noeld SSC Guru Points: 96590 More actions · Answer 1

In Production NO A SINGLE DEVELOPER should be Allowed

In that Case I would create a job to retrieve the status from the Production Box and Populates a table On DEvelopment so that they can query it.

But:

If you still persist try TargetServersRole (on msdb) and if you have sp3 on it they can browse but not start the jobs

* Noel

Frank Kalis SSC Guru Points: 111183 More actions · Answer 2

To add to noeld, I guess it's not really a wish what the developer want to use and what not. You as the DBA are responsible for your server and for the security of its data. Noone else.

--
Frank Kalis
Microsoft SQL Server MVP
Webmaster: http://www.insidesql.org/blogs
My blog: http://www.insidesql.org/blogs/frankkalis/[/url]

Randy_Dyess SSC Eights! Points: 974 More actions · Answer 3

If you really want to get fancy and this is a production project, then you could create a small web page that would query for the latest status and any other information deemed necessary for each job. This information would then be posted for the developers and a report. This would keep the developers out of the database but allow a flexible system for report job status information to others.

Randy

http://www.Database-Security.info

stargazer74 SSC Veteran Points: 201 More actions · Answer 4

Thanks to all of you for the help. Both the web page idea and query to a table in the development database were great alternatives. I wasn't logged on this weekend, so I'm just seeing your replies now. Being new to DBA responsibilities, I really had an uneasy feeling when I was asked to do this. I too, agree that no developer should be allowed in the production database. Thanks for reinforcing that 'NO' needs to be a prominent word in my vocabulary and that data security should be a top priority.