mrdenny (12/14/2009)
Using xp_cmdshell pretty much isn't ever a good idea, as for security reasons xp_cmdshell should be disabled.
Properly setup proxies take care of such concerns... especially on non-public facing ETL systems where using some of the natural DOS commands make life very easy.
The only time I've seen someone get into hot water with xp_cmdshell proxies is when the passwords are given out. That, of course, includes unbridled SA access by developers and applications.
--Jeff Moden
Change is inevitable... Change for the better is not.