January 26, 2026 at 4:28 pm
I'm running a group MSA for the database engine and SQL Agent in a clustered environment with Availability Groups. For backups, we currently use the Ola Hallengren scripts and agent jobs. Despite me granting all permissions to the MSA on the backup NAS, it cannot see it and the jobs fail with an error "the directory does not exist". I've tried the usual workarounds such as using "WITH EXECUTE AS" in the stored procedure and job step but that doesn't make a difference, nor did changing the job owner. As a stopgap, I'm backing everything up locally and then immediately moving the files to the NAS via a job step that runs a PowerShell script with a proxy account. This is not a good setup, but I don't want to have to change the service accounts back to a domain account either. Can someone please assist? There has to be a way around this.
January 26, 2026 at 4:36 pm
I would say it isn't setup correctly on the NAS.
as you are using a SP - check that the SQL Server account also has required permissions, not just the SQL Agent. If I recall correctly, in some instances the user used on that case (assuming the SQL Server gmsa is a sysadmin), are those of the SQL instance, not the sql agent.
but regardless - the safest and fastest way normally is to backup locally and then copy the files to NAS.
January 26, 2026 at 4:45 pm
The job runs under the GMSA, correct? Is that the job owner?
Can you add a step that is a cmdexec step running " whoami > test.txt" and log which account is actually in play? This sometimes helps me debug where things might be failing with regards to accessing the remote folder.
January 26, 2026 at 6:08 pm
Yes, the job is running under the gMSA and that's the owner. Using your suggested steps, I was able to confirm that even when I add the "EXECUTE AS USER" clause to the job step that executes the proc, the job still runs as the gMSA login.
Viewing 4 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply