Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Who should own jobs in SQL Server 2005

Status
Not open for further replies.
katbear

katbear

Programmer
Mar 14, 2007
270
US
Hi,

Who should own job in SQL Server 2005? Currently, I have set up a couple new jobs, the owner is a windows login with administrative privileges on the server. So the job runs fine.

When I tried to change the owner to a non-admin user, the job failed, stating that I needed to set up proxy permissions or something to that effect. So I left the owner as the admin user.

Is that ok, or even the preferred owner of jobs?

Also -
One of my job steps is calling an SSIS package. On the "general" tab, it shows that it will run the package as the SQL Server Agent, and then there is a section "Log on to Server" where you select windows or sql server login info. In this case, I the SQL Server agent is a different windows account than the job owner... so who is logging in at the package level - the job owner or the SQL Server agent account?

Thanks very much
 
Sort by date Sort by votes
It really depends on what you mean by "Admin". I have a windows user account (regular vanilla) that doesn't have Domain Admin privledges, but is SysAdmin in SQL which we use for my SQL Server Agent account. We change job owners to that same account so that everything is consistant and works properly.

As far as OS admin privledges go, if you don't have any jobs which require access to the file system, I don't recommend using this. And even if you do, I recommend doing Share permissions for the user account rather than making it part of the local OS's Admin group. That's if you can get away with. Sometimes you just have to bite the bullet and have local OS admin and SysAdmin.

But I NEVER recommend Domain Admin being on any of your SQL accounts.



Catadmin - MCDBA, MCSA
"No, no. Yes. No, I tried that. Yes, both ways. No, I don't know. No again. Are there any more questions?"
-- Xena, "Been There, Done That"
 
Upvote 0 Downvote
I typically setup jobs to run as a non-privilaged application account. Each application will have a domain account, and we'll grant that account rights into the SQL Server just for the purpose of running the job.

The account gets the minimum rights needed to do it's work with no additional rights.

The exceptions to that are the DBA jobs which usually need sysadmin rights anyway, so they are run as the account which runs the SQL Server Service.

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

--Anything is possible. All it takes is a little research. (Me)
[noevil]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

grnzbra
  • Locked
  • Question
SQL Server in Windows
Replies
1
Views
241
pjw001
pjw001
CodeWell
  • Locked
  • Question
SQL Server 2017 Install Issue - Database Not in Configuration Manager
Replies
0
Views
226
CodeWell
CodeWell
bethabernathy
  • Locked
  • Question
Front End Access 365 Database dsn Connection Fails when attempting to link to 2016 SQL server
Replies
1
Views
176
dhookom
dhookom
Ikatiemarie
  • Locked
  • Question
SQL Server 2008 SP_Send_dbmail
Replies
0
Views
466
Ikatiemarie
Ikatiemarie
dgillz
  • Locked
  • Question
SQL View not available to Excel Power Query
Replies
1
Views
175
dgillz
dgillz

Part and Inventory Search

Sponsor

Back
Top