Granting xp_cmdshell permission to SQL Login
- From: Mark Allison <marka@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Nov 2007 05:16:04 -0800
Hi database geeks and MVPs!
Using SQL Server 2005 SP2
I have a stored procedure in my database which calls xp_cmdshell to run a
little task. I have done the following to allow this proc to be executed by a
non-privileged user:
USE MASTER
GO
EXEC sp_configure 'xp_cmdshell', 1
RECONFIGURE
GO
IF NOT EXISTS (SELECT * FROM master.dbo.syslogins WHERE loginname =
N'mysqllogin')
CREATE LOGIN [mysqllogin] WITH PASSWORD = 'myPa55word'
GO
CREATE USER mysqllogin FROM LOGIN mysqllogin
GRANT EXECUTE ON xp_cmdshell TO mysqllogin
CREATE DATABASE mytestdb
GO
USE mytestdb
GO
CREATE USER mysqllogin FROM LOGIN mysqllogin
GO
CREATE PROC exec_xpcmdshell
AS
EXEC MASTER.dbo.xp_cmdshell 'dir c:\'
GO
GRANT EXECUTE ON exec_xpcmdshell TO mysqllogin
EXECUTE AS USER = 'mysqllogin'
GO
EXEC [exec_xpcmdshell]
GO
revert
I get the following error:
Msg 15121, Level 16, State 200, Procedure xp_cmdshell, Line 1
An error occurred during the execution of xp_cmdshell. A call to
'LogonUserW' failed with error code: '1329'.
Why is that? Is it possible to allow a SQL Login to execute xp_cmdshell
through via a stored procedure?
Thanks,
Mark.
.
- Follow-Ups:
- Re: Granting xp_cmdshell permission to SQL Login
- From: Ekrem Önsoy
- Re: Granting xp_cmdshell permission to SQL Login
- From: Uri Dimant
- Re: Granting xp_cmdshell permission to SQL Login
- Prev by Date: Re: SQL 2000
- Next by Date: Re: Granting xp_cmdshell permission to SQL Login
- Previous by thread: Re: Missing History for Jobs (msdb.dbo.sysjobhistory)
- Next by thread: Re: Granting xp_cmdshell permission to SQL Login
- Index(es):
Relevant Pages
|
|
