Locking down jobs in SQL Agent
From: Angela Henry (ahenry_at_affinitygroup.com)
Date: 06/26/03
- Next message: Jed Ozone: "role/permissions to allow SELECT and creating and deleting triggers"
- Previous message: nntp: "Re: Accessing SQL 2K from SQL 7"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Jun 2003 11:28:14 -0700
We are in the process of removing developers from the
sysadmin role (I know it's a scary thing), however our
developers do need to be able to create/modify/run jobs
that they and others create.
Our ultimate goal is to create a role that has the correct
permissions to allow our developers to do this, without
being members of sysadmin.
I have looked at BOL and figured out which stored procs,
views and tables need to have permissions granted
appropriately, with one area of exception. That is the
notifications. The role I have created can do everything
we need it to do, except view/modify the notifications for
a job. Now, when I say they can't view/modify the
notifications for a job, I mean via EM. They are
perfectly able to view/modify notifications if they use QA
and the appropriate stored procs. However this is
cumbersome and we all know how developers don't like extra
work ;-)
So my question is this, is there anything else I can do so
developers in this role can view/modify notifications via
EM?
One thing to note, I ran the Profiler trying to capture
the difference between having the server registered as a
sysadmin and a member of my "joboperators" and came up
with 10 lines of what looks like embedded SQL that the EM
produces if you are a member of sysadmin. Could this be
true? Is there embedded SQL in EM? And if so, does that
mean I won't be able to do what I need to do?
TIA,
Angela
- Next message: Jed Ozone: "role/permissions to allow SELECT and creating and deleting triggers"
- Previous message: nntp: "Re: Accessing SQL 2K from SQL 7"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
