February 10, 2015 at 10:55 am
I have a windows login that is part of sysadmin, that is trying to run a stored procedure that includes xp_cmdshell. It ran fine until the user had to update their password. Now we get the following error:
An error occurred during the execution of xp_cmdshell. A call to 'LogonUserW' failed with error code: '1326'.
My understanding is this is because of the password change. My question is what's the best way to fix this. We change our passwords every 90 days, so we don't necessarily want to have to make manual changes each time.
I'm not overly familiar with xp_cmdshell, so perhaps there is an easy way to do this.
All help is appreciated!
Thanks!
February 10, 2015 at 11:51 am
Quick thought, use EXECUTE AS
😎
February 10, 2015 at 11:55 am
Its using Execute As "domain\user" currently, and that user is a sys admin
February 10, 2015 at 12:01 pm
bmahony993 (2/10/2015)
Its using Execute As "domain\user" currently, and that user is a sys admin
Is "domain\user" password expired?
😎
February 10, 2015 at 12:12 pm
Yes. The password expired, and the user updated with a new one via Windows. Now we can't run xp_cmdShell and get the error above.
December 23, 2024 at 8:33 pm
I ran into this myself--same error message and similar circumstances. Here was what worked for us.
Issue: Users were reporting failed job runs in a legacy app that allows users to fire ad-hoc reporting jobs (Although, it's notable that it doesn't actually use Jobs, but manually fired SPs with no failure notifications for reasons I'm unsure of, scared to find out, and will probably have to fix in the future).
This was in the days following resetting the AD password and then updating the SQL Server and SQL Agent password on all affected servers. Google kept sending me here, so I wanted to share my solution.
On just two of our servers, a proxy account is set up for xp_cmdshell in the Credentials on SQL Server called ##xp_cmdshell_proxy_account##
.
As such, the old credentials were still living there and being sent in the call to LogonUserW to start a new local session and failing.
Using sp_xp_cmdshell_proxy_account 'DOMAIN\Account', 'NEWPASSWORD'
I was able to get things working as expected again.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply