• Jeff Moden - Friday, June 23, 2017 8:21 PM

    Michael L John - Thursday, June 22, 2017 9:27 AM

    I created a domain account, and added it to the proper groups on the server.
    I added this account to SQL, made it sysadmin, and disabled the login.
    I created the proc with the EXECUTE AS this user.

    Really not the right way to do this.  The proxy user should be a rather mindless AD user with virtually no privs.  Period.  Then you don't have to disable the login.

    The database that you're using should be owned by the disabled "sa" user.  Of course, the SQL Server login should be able to "see" where it is that you want it to "see".

    The only privs the users should need are "public", "connect", and privs to execute the proc.  For sure, you must NEVER give the privs to execute xp_CmdShell. PERIOD!  The proc should have EXECUTE AS OWNER.

    Heh... maybe I should submit my presentation on how to set up and use xp_CmdShell for the Pittsburgh SQL Saturday coming up?

    Actually, after I looked at this whole thing again, the account is not sysadmin.  It has only been granted rights to xp_cmdshell, and read\write access to the logging table in the utility database.

    What about a presentation of "a bunch of SQL Spackle like" things to make life easier?

    Michael L John
    If you assassinate a DBA, would you pull a trigger?
    To properly post on a forum:
    http://www.sqlservercentral.com/articles/61537/
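
A read-only audit of the settings debated in this thread (direct grants on xp_cmdshell, the proxy credential, database ownership, and the EXECUTE AS clause on the wrapper proc), added here as an example and not code from either poster. The database name `UtilityDb` is a hypothetical placeholder for the utility database mentioned above.

```sql
-- Added example: read-only checks, nothing is changed.
-- [UtilityDb] is a hypothetical placeholder; substitute the real utility database.

-- 1. Is xp_cmdshell enabled on the instance?
SELECT c.name, c.value_in_use
FROM sys.configurations AS c
WHERE c.name = N'xp_cmdshell';

-- 2. Is a proxy credential configured, and which Windows account does it map to?
SELECT cr.name, cr.credential_identity
FROM sys.credentials AS cr
WHERE cr.name = N'##xp_cmdshell_proxy_account##';

-- 3. Which principals hold a direct permission on xp_cmdshell?
--    Under the "never grant xp_cmdshell" rule this should return no rows.
USE master;
SELECT pr.name      AS grantee,
       pr.type_desc AS grantee_type,
       pe.permission_name,
       pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.class = 1
  AND pe.major_id = OBJECT_ID(N'sys.xp_cmdshell');

-- 4. Who owns the utility database, and is that login disabled?
SELECT d.name,
       SUSER_SNAME(d.owner_sid) AS owner_login,
       sp.is_disabled           AS owner_login_disabled
FROM sys.databases AS d
LEFT JOIN sys.server_principals AS sp
  ON sp.sid = d.owner_sid
WHERE d.name = N'UtilityDb';

-- 5. Which modules in the utility database reference xp_cmdshell,
--    and under what EXECUTE AS context do they run?
USE UtilityDb;
SELECT OBJECT_SCHEMA_NAME(m.object_id) AS schema_name,
       OBJECT_NAME(m.object_id)        AS module_name,
       CASE
           WHEN m.execute_as_principal_id IS NULL THEN N'CALLER'
           WHEN m.execute_as_principal_id = -2    THEN N'OWNER'
           ELSE USER_NAME(m.execute_as_principal_id)
       END AS execute_as
FROM sys.sql_modules AS m
WHERE m.definition LIKE N'%xp[_]cmdshell%';
```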