grant permissions to view SQL Server agent.

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 7,2000 » SQL Server Agent » grant permissions to view SQL Server agent.

grant permissions to view SQL Server agent.

Rate Topic

Display Mode

Topic Options

Author

Message

striker-baba

Posted Friday, July 02, 2010 8:32 AM

Valued Member

Group: General Forum Members
Last Login: Yesterday @ 7:35 PM
Points: 72, Visits: 355

Hi all,

I am not able to see the sql server agent.
But, when I login as a sysadmin I am able to see.

Can anyone help me on how to provide read access to sql server agent
so that when I logon as a datareader I need to be able to view SQLserver agent.

Only read or view permissions.

Thanks .

Post #946862

spaghettidba

Posted Friday, July 02, 2010 8:55 AM

SSCarpal Tunnel

Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:29 AM
Points: 4,804, Visits: 8,067

You have to be member of some fixed database roles in msdb to see sql agent.
See here:

http://msdn.microsoft.com/en-us/library/ms188283.aspx

Get your two-cent-answer quickly
The Spaghetti DBA

Post #946890

striker-baba

Posted Friday, July 02, 2010 9:58 AM

Valued Member

Group: General Forum Members
Last Login: Yesterday @ 7:35 PM
Points: 72, Visits: 355

Ok. I just need viewable permissions on the sql agent.

So, what role would be the best to grant least permissions
so that user can only be able to view the sql server agent and cannot make any changes to other jobs or schedules.

Post #946959

spaghettidba

Posted Friday, July 02, 2010 10:26 AM

SSCarpal Tunnel

Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:29 AM
Points: 4,804, Visits: 8,067

SQLAgentUserRole is the least privileged of the SQL Server Agent fixed database roles.
It still can start/stop jobs, but owned ones only.

Get your two-cent-answer quickly
The Spaghetti DBA

Post #946983

striker-baba

Posted Friday, July 02, 2010 3:03 PM

Valued Member

Group: General Forum Members
Last Login: Yesterday @ 7:35 PM
Points: 72, Visits: 355

Ok.

I configured it to SQLAgentReader Role.
and do you think we have any major difference between
SQLAgentUserRole and SQLAgentReader

Post #947096

spaghettidba

Posted Monday, July 05, 2010 1:06 AM

SSCarpal Tunnel

Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:29 AM
Points: 4,804, Visits: 8,067

It's explained in detail in the BOL page I posted.
SQLAgentReaderRole has some more privileges than SQLAgentUserRole.

Get your two-cent-answer quickly
The Spaghetti DBA

Post #947391

jcmcgovern

Posted Wednesday, November 14, 2012 4:14 PM

Forum Newbie

Group: General Forum Members
Last Login: Thursday, December 20, 2012 10:55 AM
Points: 2, Visits: 16

All these look great. But how can I deny users execute, update, delete.... and only have viewing of the jobs?

Post #1384917

spaghettidba

Posted Wednesday, November 14, 2012 5:24 PM

SSCarpal Tunnel

Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:29 AM
Points: 4,804, Visits: 8,067

Grant the SQLAgentReaderRole and set the job owner to a different user.
That way, users can only see the jobs, but cannot start/stop/modify them.

Get your two-cent-answer quickly
The Spaghetti DBA

Post #1384940

jcmcgovern

Posted Thursday, November 15, 2012 8:07 AM

Forum Newbie

Group: General Forum Members
Last Login: Thursday, December 20, 2012 10:55 AM
Points: 2, Visits: 16

All I need now is to not allow updates to existing jobs

Any ideas?


USE msdb;
CREATE ROLE JobsViewer AUTHORIZATION db_securityadmin;
GO

use msdb
EXECUTE sp_addrolemember 'JobsViewer', 'johntest1'


DENY EXECUTE ON OBJECT::msdb.dbo.sp_add_job TO JobsViewer
DENY EXECUTE ON OBJECT::msdb.dbo.sp_add_jobserver TO JobsViewer
DENY EXECUTE ON OBJECT::msdb.dbo.sp_add_jobstep TO JobsViewer
DENY EXECUTE ON OBJECT::msdb.dbo.sp_update_job TO JobsViewer
DENY EXECUTE ON OBJECT::msdb.dbo.sp_add_jobschedule TO JobsViewer
DENY EXECUTE ON OBJECT::msdb.dbo.sp_delete_job TO JobsViewer

Post #1385179

« Prev Topic | Next Topic »

Permissions