Home Forums SQL Server 2017 SQL Server 2017 - Development Proxy account not working in stored procedure RE: Proxy account not working in stored procedure

  • May 3, 2018 at 11:30 am

    #1989131

    Jeff Moden - Thursday, May 3, 2018 11:12 AM

    Ok... this is all going the wrong way.  NEVER NEVER NEVER grant privs to any user or application login to execute xp_CmdShell directly!  NEVER!  If they need to do something that requires the use of xp_CmdShell, then only allow them to use a very well controlled, very well written stored procedure and don't forget that there IS such a thing as DOS INJECTION!

    If you grant a non-sysadmin permissions to xp_cmdshell they can't execute it without the proxy account. So it seems what you are saying is really don't ever use the xp_cmdshell proxy account. To use it, you grant execute permissions to a non-sysadmin.
    I was explaining why they got the errors they got as they were using it on a different server and didn't have issues.

    Sue